On Sat, Jan 18, 2014 at 13:42:10 CET, Claudio Moretti wrote: > On Sat, Jan 18, 2014 at 8:43 AM, Arno Wagner <arno@xxxxxxxxxxx> wrote: > > > The mob has IT security experts and will not allow this person to > > trick them. > > > > > Fair enough > > > > > Without diving into further examples concerning the safety of the people > > > someone holds most dear, I believe this is the perfect example. > > > > For my option 1. "erase container while still free to act" it is > > a valid example. For option 2. "try to trick adversaries while > > already in their power", it is just as bad as all the others. > > > > "try to trick" is the keyword here, and we can circle back to something > you said (more or less) before: is there any case in which trying to trick > someone is going to give you any benefits? > > I suppose for every specific case there is a possible counter-response (see > my mob example and your answer). Still, real life is not so black and > white, so maybe it could be possible to trick someone.. But here it all > depends by the person trying to trick (and his or her skills in lying) so... Just my point. It depends on personal skill far more than on technical thing and not everybody is "The Mentalist" and can trick people easily. The other thing is that in cases where you have a good chance of pulling it off, "I forgot it" or "I don't know" may work just as well as trying a technical trick, but the risks of the technical trick are far far worse. If they are about to torture you, on the other hand, they will also make that forensic copy and the "nuke" option is worthless. Really, "nuke" only helps if they are willing to put so much pressure on you that you fear you cannot refuse giving the password (whether directly, or by "I do not know it") but on the other hand, they are incompetent enough to not make that forensic copy. I really do not see this combination happen with any relevant probability, except maybe in a war area or the like. But that is something we should definitely place out of scope for LUKS. In such cases password and data should travel two distinct paths and should not travel at the same time. Incidentally, for very high value data, that method is used in peace-time as well, namely have one group take that encrypted data and have a second group take the password and do not have both out of a protected environment at the same time. Arno -- Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@xxxxxxxxxxx GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718 ---- There are two ways of constructing a software design: One way is to make it so simple that there are obviously no deficiencies, and the other way is to make it so complicated that there are no obvious deficiencies. The first method is far more difficult. --Tony Hoare _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
