Message-ID: <52D94364.60706@web.de>
Date: Fri, 17 Jan 2014 15:51:16 +0100
From: Heiko Rosemann
Subject: Re: [dm-crypt] nuke password to delete luks header
To: dm-crypt@saout.de

On 01/17/2014 02:12 PM, Arno Wagner wrote:
> On Fri, Jan 17, 2014 at 13:43:42 CET, Jonas Meurer wrote:
>> On 16.01.2014 21:18, Matthias Schniedermeyer wrote:
>>> In short: The documented existence of such a feature is a risk
>>> by itself.
>>
>> Same logic applied, even the existence of this discussion is a
>> risk by itself. It proves that people might use a patched
>> cryptsetup with added nuke feature already.
>>
>> Kind regards,
>> jonas
>
> Yes, it is. That is one of the reasons why I strongly recommend not
> taking encrypted data into danger at all and making sure all unused
> space on storage media is zeroed.

...which could, by the same logic applied earlier, make the LEO at the
border suspicious of you having destroyed evidence. Unless you provide
a proof of purchase, showing that the hard-drive is in fact new and
therefore still factory-zeroed.

This train of thought goes some very ugly ways very quickly, and
probably boils down to: Social problems can't be solved by technology.

Just my 2 cents,
Heiko

-- 
My PGP key for verification: http://pgp.mit.edu