On Fri, Jan 17, 2014 at 13:43:42 CET, Jonas Meurer wrote: > Am 16.01.2014 21:18, schrieb Matthias Schniedermeyer: > > On 16.01.2014 20:33, Milan Broz wrote: > >> > >> But I cannot say that all possible situations comes under this qualification. > >> Maybe it can help someone in dangerous situation to not leak some important data > >> which later help others. Dunno. > >> > >> Still it doesn't mean it is worth to be implemented but let's think > >> at least twice here please. > > > > Meanwhile increasing the risk of everybody else, because once that > > feature is a documented part of the system everybody will assume that > > everybody will use it. Good look defending against a "Destruction of > > Evidence" accusation, in case that happens in a situation with a LEO. > > > > Same as the hidden volume "feature" of Truecypt which everybody will > > assume you use, because it's such a swell feature. (Plausible > > deniabilty? Yeah sure <snort>) > > > > > > In short: > > The documented existence of such a feature is a risk by itself. > > Same logic applied, even the existence of this discussion is a risk by > itself. It proves that people might use a patched cryptsetup with added > nuke feature already. > > Kind regards, > jonas Yes, it is. That is one of the reasons why I strongly recommend not taking ecrypted data into danger at all and making sure all unused space on storage media is zeroed. However, the risk gets more serious if it is a standard feature. Arno -- Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@xxxxxxxxxxx GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718 ---- There are two ways of constructing a software design: One way is to make it so simple that there are obviously no deficiencies, and the other way is to make it so complicated that there are no obvious deficiencies. The first method is far more difficult. --Tony Hoare _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
