On Fri, Feb 22, 2008 at 01:48:44PM +0100, noah wrote:
> 2008/2/22, Arno Wagner <wagner@xxxxxxxxxxxxxx>:
> > Would be nice to have, but is technologically infeasible.
> > The attack relies on hard-reset. This stops everything in its
> > tracks. No additional code can be executed.
>
> This doesn't mean it shouldn't be done on a controlled shutdown/reboot.
> Several userland tools scrub memory used for storing key material even
> though they've been mlock'd. Why shouldn't the kernel do the same when
> they're not needed anymore?

AFAIK the keys are scrubbed on removal of the mapping, which
is done during controlled shutdown. Any reason why you assume
it is not done?

Arno
--
Arno Wagner, Dipl. Inform., CISSP --- Email: arno@xxxxxxxxxxx
GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F
----
Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans

If it's in the news, don't worry about it. The very definition of
"news" is "something that hardly ever happens." -- Bruce Schneier

---------------------------------------------------------------------
dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/
To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx
For additional commands, e-mail: dm-crypt-help@xxxxxxxx