From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-ww0-f44.google.com (mail-ww0-f44.google.com [74.125.82.44]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by mail.saout.de (Postfix) with ESMTPS for ; Fri, 15 Apr 2011 16:21:31 +0200 (CEST) Received: by wwa36 with SMTP id 36so3272093wwa.1 for ; Fri, 15 Apr 2011 07:21:30 -0700 (PDT) Message-ID: <4DA85469.3080503@gmail.com> Date: Fri, 15 Apr 2011 16:21:29 +0200 From: Cristian KLEIN MIME-Version: 1.0 References: <4DA84DA2.3020302@gmail.com> In-Reply-To: Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Subject: Re: [dm-crypt] yet another "lost my partition" message List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Roscoe Cc: dm-crypt@saout.de On 15/04/2011 16:15, Roscoe wrote: > On Fri, Apr 15, 2011 at 11:52 PM, Cristian KLEIN wrote: > ... >> A posteriori, I cannot help wonder why such pretious information isn't >> kept redundantly. Surely LUKS could have stored the header in 10 random >> sectors with an easy-to-grep "HERE I AM" banner. Wouldn't this allow >> users to recover the master-key (and part of the file-system) without >> compromising security? > ... > > It's supposed to be fragile and easily destroyed, this is by design. I think users expect it to be *secure*, i.e., if a laptop gets stolen in an airport, the user has no worries. I'm not sure users appreciate "fragile". Personally, this is not what I expect from full-disk encryption. > Accidently running cryptsetup luksFormat is unfortunate, as is running > mkfs or dd on the wrong device. Good thing for backups. Still, mkfs and dd give you a second chance (see testdisk and friends). Why not luksFormat? Cristi.