[dm-crypt] nuke password to delete luks header

Arno Wagner arno at wagner.name
Sat Jan 18 09:43:53 CET 2014


On Sat, Jan 18, 2014 at 00:18:27 CET, Claudio Moretti wrote:
> On Fri, Jan 17, 2014 at 8:17 AM, Thomas Bastiani <thom at codehawks.eu> wrote:
> 
> > On 16 January 2014 22:49, Claudio Moretti <flyingstar16 at gmail.com> wrote:
> >>
> >>  2) Your life is in danger and somebody wants something from your
> >> laptop: what do you think will happen then, if you wipe your key?
> >>
> >
> > I believe Iggy made a point earlier:
> > " [...] not everyone values their physical well-being over the compromise
> > of their data."
> >
> > Which is a surprisingly (to me) valid point. There might be cases where
> > someone might actually want to protect something at the cost of their life.
> >
> 
> I hadn't thought about that, but now that you mention it I've given it a
> little thought and I agree. Suppose you're a police officer, you're
> carrying an encrypted laptop with thousands of names of people in a witness
> protection program, and you're captured by the mob.

The mob has IT security experts and will not allow this person to
trick them. 
 
> Without diving into further examples concerning the safety of the people
> someone holds most dear, I believe this is the perfect example.

For my option 1. "erase container while still free to act" it is
a valid example. For option 2. "try to trick adversaries while 
already in their power", it is just as bad as all the others.

Arno
 
-- 
Arno Wagner,     Dr. sc. techn., Dipl. Inform.,    Email: arno at wagner.name
GnuPG: ID: CB5D9718  FP: 12D6 C03B 1B30 33BB 13CF  B774 E35C 5FA1 CB5D 9718
----
There are two ways of constructing a software design: One way is to make it
so simple that there are obviously no deficiencies, and the other way is to
make it so complicated that there are no obvious deficiencies. The first
method is far more difficult.  --Tony Hoare


More information about the dm-crypt mailing list