[dm-crypt] nuke password to delete luks header

Heiko Rosemann heiko.rosemann at web.de
Fri Jan 17 15:51:16 CET 2014

Hash: SHA1

On 01/17/2014 02:12 PM, Arno Wagner wrote:
> On Fri, Jan 17, 2014 at 13:43:42 CET, Jonas Meurer wrote:
>> Am 16.01.2014 21:18, schrieb Matthias Schniedermeyer:
>>> In short: The documented existence of such a feature is a risk
>>> by itself.
>> Same logic applied, even the existence of this discussion is a
>> risk by itself. It proves that people might use a patched
>> cryptsetup with added nuke feature already.
>> Kind regards, jonas
> Yes, it is. That is one of the reasons why I strongly recommend not
> taking ecrypted data into danger at all and making sure all unused
> space on storage media is zeroed.

...which could, by the same logic applied earlier, make the LEO at the
border suspicious of you having destroyed evidence. Unless you provide
a proof of purchase, showing that the hard-drive is in fact new and
therefore still factory-zeroed.

This train of thought goes some very ugly ways very quickly, and
probably boils down to: Social problems can't be solved by technology.

Just my 2 cents,
- -- 
Mein PGP-Key zur Verifizierung: http://pgp.mit.edu
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/


More information about the dm-crypt mailing list