From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <oliviersessink@gmail.com>
Received: from mail-bw0-f217.google.com (mail-bw0-f217.google.com
	[209.85.218.217]) by mail.saout.de (Postfix) with ESMTP
	for <dm-crypt@saout.de>; Mon, 12 Apr 2010 23:43:22 +0200 (CEST)
Received: by bwz9 with SMTP id 9so5120649bwz.29
	for <dm-crypt@saout.de>; Mon, 12 Apr 2010 14:43:22 -0700 (PDT)
Message-ID: <4BC393F8.2040602@gmail.com>
Date: Mon, 12 Apr 2010 23:43:20 +0200
From: Olivier Sessink <oliviersessink@gmail.com>
MIME-Version: 1.0
References: <t2g61722e191004120810q3b2a7a36q592cd1cf12790db@mail.gmail.com>
	<20100412171540.GA3138@tansi.org>
In-Reply-To: <20100412171540.GA3138@tansi.org>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: Re: [dm-crypt] avoid keyloggers: enter password with mouse	(virtual
 keyboard)
List-Id: <dm-crypt.saout.de>
List-Unsubscribe: <http://www.saout.de/mailman/options/dm-crypt>,
	<mailto:dm-crypt-request@saout.de?subject=unsubscribe>
List-Archive: <http://www.saout.de/pipermail/dm-crypt>
List-Post: <mailto:dm-crypt@saout.de>
List-Help: <mailto:dm-crypt-request@saout.de?subject=help>
List-Subscribe: <http://www.saout.de/mailman/listinfo/dm-crypt>,
	<mailto:dm-crypt-request@saout.de?subject=subscribe>
To: dm-crypt@saout.de

Arno Wagner wrote:
> You can do this by having cryptsetup read the passphrase
> from stdin and attach such a virtual keyboard to stdin.
> 
> However as a keylogger has to be root and root can read
> the encryption key from memory, it is pretty useless
> security-wise.

I meant a hardware keylogger, sorry I didn't clarify that.

Olivier