From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from tansi.org (ns.km10532-04.keymachine.de [87.118.102.195]) by mail.saout.de (Postfix) with ESMTP for ; Mon, 16 Aug 2010 00:10:52 +0200 (CEST) Received: from gatewagner.dyndns.org (84-74-164-239.dclient.hispeed.ch [84.74.164.239]) by tansi.org (Postfix) with ESMTPA id CA23A1218359 for ; Mon, 16 Aug 2010 00:10:51 +0200 (CEST) Date: Mon, 16 Aug 2010 00:10:51 +0200 From: Arno Wagner Message-ID: <20100815221051.GA13494@tansi.org> References: <20100726210741.GC24052@tansi.org> <1280180557.3266.136.camel@fermat.scientia.net> <4C682354.50907@web.de> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <4C682354.50907@web.de> Subject: Re: [dm-crypt] Efficacy of xts over 1TB List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: dm-crypt@saout.de On Sun, Aug 15, 2010 at 07:26:44PM +0200, Uwe Menges wrote: > On 07/27/2010 01:42 AM, Mario 'BitKoenig' Holbe wrote: > > Of course, your attacker has to be able to capture a snapshot after the > > first fill-up ... probably via some forensic magic - people who believe > > in encryption often tend to also still believe in Peter Gutmann :) > > No forensic magic is needed if you are eg. using a LUKS crypted iSCSI > volume and the attacker is able to mirror you network traffic. > > Cheers, Uwe Well, if the attacker mirrors your network traffic with iSCSI, encryption does not matter anymore for any change analysis. But using such a set-up wpuld be pretty stupid anayways.... ;-) Arno -- Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@wagner.name GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F ---- Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans If it's in the news, don't worry about it. The very definition of "news" is "something that hardly ever happens." -- Bruce Schneier