From: Jeremy Maitin-Shepard <jeremy@jeremyms.com>
To: U Kuehn <ukuehn@acm.org>
Cc: "Rafael J. Wysocki" <rjw@sisk.pl>,
tuxonice-devel@lists.tuxonice.net, linux-kernel@vger.kernel.org
Subject: Re: [TuxOnIce-devel] RFC: Suspend-to-ram cold boot protection by encrypting page cache
Date: Wed, 01 Jul 2009 22:47:27 -0700 [thread overview]
Message-ID: <87ljn7y6ts.fsf@jeremyms.com> (raw)
In-Reply-To: <4A4C4226.8000302@acm.org> (U. Kuehn's message of "Thu, 02 Jul 2009 07:14:14 +0200")
U Kuehn <ukuehn@acm.org> writes:
> [snip]
> The approach to encrypt the memory contents during suspend-to-ram seems
> to be a very fundamental change in the kernel, in order to protect
> against a very specific attack.
As I have said, I believe that tuxonice already supports almost
everything that is needed to implement it, and that the changes would
not in fact have to be all that intrusive to the rest of the kernel.
It is a very specific attack in some sense, but it is also a very
general attack in that it affects practically every computer out there.
> And unfortunately it helps only against an cold-boot attack that
> happens during suspend-to-ram. It does not protect against the attack
> taking place when the machine is just "on".
Naturally the protection is only effective when it is actually engaged.
However, I think that the cases in which a machine is susceptible to
being stolen or tampered often correspond to cases in which it makes
sense to have it suspended. For a laptop, for instance, the highest
risk is likely when the machine is left unattended or in transit. In
either case, it would likely be reasonable to have the machine
suspended. Obviously the protection would not help you if you wish to
leave the machine unattended while it completes some computational task.
Nonetheless, I believe the level of protection offered would still be
very useful to many people, myself included.
--
Jeremy Maitin-Shepard
next prev parent reply other threads:[~2009-07-02 5:47 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-07-01 6:07 RFC: Suspend-to-ram cold boot protection by encrypting page cache Jeremy Maitin-Shepard
2009-07-01 6:24 ` [TuxOnIce-devel] " Nigel Cunningham
2009-07-01 6:43 ` Jeremy Maitin-Shepard
2009-07-01 9:09 ` Nigel Cunningham
2009-07-01 15:55 ` Rafael J. Wysocki
2009-07-01 20:57 ` Jeremy Maitin-Shepard
2009-07-01 22:41 ` Rafael J. Wysocki
2009-07-01 22:58 ` Nigel Cunningham
2009-07-01 23:06 ` Jeremy Maitin-Shepard
2009-07-02 5:14 ` U Kuehn
2009-07-02 5:47 ` Jeremy Maitin-Shepard [this message]
2009-07-02 16:12 ` Rafael J. Wysocki
2009-07-04 2:44 ` Pavel Machek
2009-07-08 10:47 ` Jeremy Maitin-Shepard
2009-07-04 2:57 ` Pavel Machek
2009-07-08 11:09 ` Jeremy Maitin-Shepard
2009-07-09 10:14 ` Pavel Machek
2009-07-10 7:05 ` Jeremy Maitin-Shepard
2009-07-11 22:10 ` Pavel Machek
2009-07-01 12:21 ` Jens Gustedt
2009-07-01 20:40 ` Jeremy Maitin-Shepard
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87ljn7y6ts.fsf@jeremyms.com \
--to=jeremy@jeremyms.com \
--cc=linux-kernel@vger.kernel.org \
--cc=rjw@sisk.pl \
--cc=tuxonice-devel@lists.tuxonice.net \
--cc=ukuehn@acm.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.