From: R3s1stanc3 <r3s1stanc3@riseup.net>
To: dm-crypt@saout.de
Subject: [dm-crypt] nuke password to delete luks header
Date: Mon, 06 Jan 2014 22:01:56 +0100 [thread overview]
Message-ID: <52CB19C4.9070404@riseup.net> (raw)
[-- Attachment #1: Type: text/plain, Size: 1244 bytes --]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Hi
today I read this post by the developers of Kali Linux:
http://www.kali.org/how-to/emergency-self-destruction-luks-kali/
I think, this is a really great feature and should be officially added
to the cryptsetup source.
So I wrote Milan and he told me, that there would be no additional
security, because an "attacker will simple first backup header and then
use this (or will use key from memory if device is mounted)."
He also told me to move the discussion to the mailinglist and if we
would find some valuable use case, they would think about it.
So now I'm here
In my opinion, a valuable use case would be the following case:
If you got the possibility to access your computer for a few seconds,
before an attacker does, you simply could enter your nuke password and
delete the luks header. This would be much faster, than entering your
real password, booting your system and deleting the header, using the
system's tools
Are there any other ideas of valuable use cases?
greets R3s1stanc3
-----BEGIN PGP SIGNATURE-----
iF4EAREKAAYFAlLLGcQACgkQUaCkMJCt6r7pMAD/ahtaUWTCmuw4Q8QwdlpD/dZM
SSDgTw2U/fM6mZH618AA/0MuHeitb94r+mNVFniPBiKVz53ZtoguFXnXsczx7Qs4
=f/OJ
-----END PGP SIGNATURE-----
[-- Attachment #2: 0xDBCB4A0A.asc --]
[-- Type: application/pgp-keys, Size: 21034 bytes --]
[-- Attachment #3: 0xDBCB4A0A.asc.sig --]
[-- Type: application/pgp-signature, Size: 96 bytes --]
next reply other threads:[~2014-01-06 21:12 UTC|newest]
Thread overview: 62+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-01-06 21:01 R3s1stanc3 [this message]
2014-01-06 21:39 ` [dm-crypt] nuke password to delete luks header Heinz Diehl
2014-01-06 21:44 ` R3s1stanc3
2014-01-06 23:33 ` Claudio Moretti
2014-01-06 23:38 ` R3s1stanc3
2014-01-07 0:03 ` Arno Wagner
2014-01-07 0:01 ` Arno Wagner
-- strict thread matches above, loose matches on Subject: below --
2014-01-14 2:10 Jim O'Gorman
2014-01-14 2:41 ` .. ink ..
2014-01-14 2:52 ` Jim O'Gorman
2014-01-14 4:04 ` .. ink ..
2014-01-14 4:36 ` Arno Wagner
2014-01-14 5:00 ` .. ink ..
2014-01-14 7:11 ` Arno Wagner
2014-01-14 12:05 ` .. ink ..
2014-01-14 14:34 ` Arno Wagner
2014-01-14 19:22 ` .. ink ..
2014-01-15 19:36 ` Milan Broz
2014-01-16 11:50 ` Arno Wagner
2014-01-14 4:30 ` Arno Wagner
2014-01-14 5:01 ` Jim O'Gorman
2014-01-15 20:27 ` Milan Broz
2014-01-16 9:50 ` Ondrej Kozina
2014-01-16 10:30 ` Thomas Bastiani
2014-01-16 13:09 ` Florian Junghanns
2014-01-16 19:33 ` Milan Broz
2014-01-16 20:09 ` helices
2014-01-16 20:11 ` Iggy
2014-01-16 21:36 ` Matthias Schniedermeyer
2014-01-16 21:55 ` Arno Wagner
2014-01-16 22:49 ` Claudio Moretti
2014-01-17 8:17 ` Thomas Bastiani
2014-01-17 23:18 ` Claudio Moretti
2014-01-18 8:43 ` Arno Wagner
2014-01-18 12:42 ` Claudio Moretti
2014-01-18 19:18 ` Arno Wagner
2014-01-16 20:18 ` Matthias Schniedermeyer
2014-01-16 20:28 ` .. ink ..
2014-01-16 21:02 ` Brian
2014-01-16 21:24 ` Arno Wagner
2014-01-16 20:59 ` Milan Broz
2014-01-16 21:43 ` Arno Wagner
2014-01-17 12:43 ` Jonas Meurer
2014-01-17 13:12 ` Arno Wagner
2014-01-17 14:27 ` Jonas Meurer
2014-01-17 15:16 ` Matthias Schniedermeyer
2014-01-17 14:32 ` Rick Moritz
2014-01-17 14:32 ` Jonas Meurer
2014-01-17 14:57 ` Arno Wagner
2014-01-17 14:51 ` Heiko Rosemann
2014-01-17 15:10 ` Arno Wagner
2014-01-16 12:01 ` Arno Wagner
2014-01-16 11:59 ` Arno Wagner
2014-01-21 22:40 ` Jonas
2014-01-23 21:26 ` Milan Broz
2014-01-23 22:11 ` .. ink ..
2014-01-23 22:30 ` Milan Broz
2014-01-23 23:43 ` Arno Wagner
2014-01-27 9:04 ` Jonas Meurer
2014-01-27 12:44 ` Arno Wagner
2014-01-27 20:30 ` Milan Broz
2014-01-28 10:28 ` Jonas Meurer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=52CB19C4.9070404@riseup.net \
--to=r3s1stanc3@riseup.net \
--cc=dm-crypt@saout.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.