On Wed, Nov 16, 2016 at 00:28:50 CET, Sven Eschenberg wrote: [...] > The CVE however assumed, that you can not simply access the internal > parts of the machine. Still, more fuzz than substance in that CVE, > if you ask me. My take also. Probably some ego-boosting going on somewhere in this affair. The whole set-up seems contrieved to me and not of general applicability enough to make this a CVE or even a real defect. At best, I see a mild violation of the "Principle of least surprise". Anybody that really needs the "security" the fix provides has far bigger problems. Regards, Arno -- Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@xxxxxxxxxxx GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718 ---- A good decision is based on knowledge and not on numbers. -- Plato If it's in the news, don't worry about it. The very definition of "news" is "something that hardly ever happens." -- Bruce Schneier _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
