Re: [dm-crypt] self-destruct mode for dm-crypt

On Tue, 28 Mar 2006 21:24:27 -0000
"Brandon Enright" <....> wrote:

> 
> I've thought about a self destruct feature too.  It's probably something
> that would be best implemented in LUKS.  Rather than having the complication
> of trying to create a new valid file system though, I'd rather it just
> destroy the LUKS master key rendering all data completely useless.  Sure
> this might get you shot in case 1 and a maximum sentence in case 2 but some
> users may have data important enough that having it compromised is worse
> than other consequences.

There is a huge problem with that (I mentioned it in my first message already
and Hendrik pointed it out too):
In my presented solution as well as in every other software-based solution,
security is based on the "security by obscurity" principle.
Thus self-destruct will only work as long as the right software runs on the
system.
If the attacker takes the disk out of your system or uses software without
self-destruct, there is no self-destruct.

In answer to my first post, Henrik linked me to http://www.truecrypt.org/
TrueCrypt allows creation of "hidden volumes", in some way similar to my
overlapping partition idea.
IMHO TrueCrypt offers a very reasonable solution to the "gun pointed at head"
problem ;)

greets,
Stefan
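
The limitation discussed in this message, as an added example that is not part of the original post or of dm-crypt/LUKS: a self-destruct wipe is enforced only by the unlock code that implements it, so a header copied beforehand still opens with the real passphrase. The header layout, the XOR key wrap and all function names are assumptions for this toy model, not the LUKS on-disk format.

```python
import hashlib
import hmac
import os

ITERATIONS = 1000  # kept low for the demo; real KDF settings are far higher


def _kdf(passphrase, salt):
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, ITERATIONS)


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def make_header(passphrase, duress, master_key):
    """Toy header: master key wrapped under the passphrase-derived key."""
    salt = os.urandom(16)
    return {
        "salt": salt,
        "wrapped": _xor(master_key, _kdf(passphrase, salt)),
        "mk_digest": hashlib.sha256(master_key).digest(),
        "duress": _kdf(duress, salt),  # duress passphrase kept only as a hash
    }


def plain_unlock(header, passphrase):
    """Unlock code without self-destruct logic; returns the master key or None."""
    mk = _xor(header["wrapped"], _kdf(passphrase, header["salt"]))
    ok = hmac.compare_digest(hashlib.sha256(mk).digest(), header["mk_digest"])
    return mk if ok else None


def self_destruct_unlock(header, passphrase):
    """Same check, but overwrites the key slot when the duress passphrase is given."""
    if hmac.compare_digest(_kdf(passphrase, header["salt"]), header["duress"]):
        header["wrapped"] = os.urandom(len(header["wrapped"]))
        return None
    return plain_unlock(header, passphrase)


def demo():
    mk = os.urandom(32)  # constructed sample master key
    disk = make_header("real passphrase", "duress passphrase", mk)
    image = dict(disk)  # copy of the header taken before any passphrase is typed
    self_destruct_unlock(disk, "duress passphrase")
    # (original still opens?, earlier copy still opens?)
    return (plain_unlock(disk, "real passphrase") == mk,
            plain_unlock(image, "real passphrase") == mk)
```

The wipe destroys the key slot on the original header only; the copy is untouched because the code that performs the wipe never ran against it.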
