Re: Thanks to Fedora community; Installation & Disk Partitioning ISSUE

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, Nov 7, 2011 at 11:51 AM, Tim <ignored_mailbox@xxxxxxxxxxxx> wrote:

Tim:
>> Suspend does it to RAM.  So your computer needs (minimal) power
>> continuously available to it, to keep what it's stuffed into memory.
>> If the memory is lost, then the next boot will be a cold boot.

Linux Tyro:
> But without intentionally deleting memory, how could it be lost except
> for the case that power has gone and I am not using UPS....Cold boot
> simply means that it doesn't need credentials to log-on?

Your power fails, your laptop battery goes flat, your laptop goes into a
power save mode that's inadequate for keeping the RAM contents intact...

I've always wondered about the last one, since computers use dynamic
RAM, these days, you can't just keep supplying power to the RAM, it
needs constantly refreshing.


> But still how thief can log-in when I have encrypted password,
> password necessary to boot in, disabled booting via CD-rom, disabled
> booting via usb. Still chances are there that the thief can crack in ?

With a cold boot, a thief would have to break all your encryption before
they could attempt to hack in.  They've got to get it to boot, before
they can hack it.

With a resume, the drive is already mounted to the system in an
un-encrypted manner, just there's no currently logged in user.  That's
the state that a hibernated/suspended machine will resume to (running,
but keyboard/mouse locked out until you login).

They've only got to manage to log in.  If you've left servers running,
there may be one that's vulnerable to a hack.  If you've left a mail
client running, it may be spewing your password straight out the network
port, every few minutes.

Of course, if you have a computer that auto-logs you in without you
entering any password, or you have suspend/hibernate not lock access
away during the suspend/hibernate process, a resume/boot-up will let
anybody straight in unchallenged.
>
>> Some sort of hardware token, such as a key that must be inserted
>> while booting, but is kept separate from the computer, is the
>> simplest way to avoid that problem.
>
> This I didn't understand how to achieve, but thanks for the above
> explanation.

You're welcome, and I don't have a ready answer for how one might go
about doing it.  But it's the kind of thing you'd have to do (making
booting and resuming dependent on something that you kept separate from
the laptop).

Ah, got the diea, thanks.

--
THX
-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux