On Mon, Nov 7, 2011 at 11:51 AM, Tim <ignored_mailbox@xxxxxxxxxxxx> wrote:
Tim:
>> Suspend does it to RAM. So your computer needs (minimal) powerLinux Tyro:
>> continuously available to it, to keep what it's stuffed into memory.
>> If the memory is lost, then the next boot will be a cold boot.
> But without intentionally deleting memory, how could it be lost exceptYour power fails, your laptop battery goes flat, your laptop goes into a
> for the case that power has gone and I am not using UPS....Cold boot
> simply means that it doesn't need credentials to log-on?
power save mode that's inadequate for keeping the RAM contents intact...
I've always wondered about the last one, since computers use dynamic
RAM, these days, you can't just keep supplying power to the RAM, it
needs constantly refreshing.
With a cold boot, a thief would have to break all your encryption before
> But still how thief can log-in when I have encrypted password,
> password necessary to boot in, disabled booting via CD-rom, disabled
> booting via usb. Still chances are there that the thief can crack in ?
they could attempt to hack in. They've got to get it to boot, before
they can hack it.
With a resume, the drive is already mounted to the system in an
un-encrypted manner, just there's no currently logged in user. That's
the state that a hibernated/suspended machine will resume to (running,
but keyboard/mouse locked out until you login).
They've only got to manage to log in. If you've left servers running,
there may be one that's vulnerable to a hack. If you've left a mail
client running, it may be spewing your password straight out the network
port, every few minutes.
Of course, if you have a computer that auto-logs you in without you
entering any password, or you have suspend/hibernate not lock access
away during the suspend/hibernate process, a resume/boot-up will let
anybody straight in unchallenged.
>You're welcome, and I don't have a ready answer for how one might go
>> Some sort of hardware token, such as a key that must be inserted
>> while booting, but is kept separate from the computer, is the
>> simplest way to avoid that problem.
>
> This I didn't understand how to achieve, but thanks for the above
> explanation.
about doing it. But it's the kind of thing you'd have to do (making
booting and resuming dependent on something that you kept separate from
the laptop).
Ah, got the diea, thanks.
--
THX
-- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines