[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] SlightlyOT: [was] How do I encrypt the swap (partition[s]) under SuSE 9.3 Prof ?



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


The Sunday 2005-11-20 at 07:46 -0500, Geoffrey wrote:

> > You might consider erasing the swap partition when powering off, using
> > for the purpose "/etc/init.d/halt.local". The perfomance while in use
> > will be better, but halting will be much slower.
> 
> Define erase.  In reality, I suspect, you would have to overwrite it multiple
> times in order to insure data is no longer retrievable.  It all depends on
> your level of paranoia.

Yes, of course, I meant overwriting. There is no filesystem in swap, a 
fast erase as in the filesystem has no meaning, it is impossible, and in 
the security context we are talking about, senseless.

But overwrite a single time, maybe with a random pattern. If a thief is so 
interested in my data and has the means to unerase overwritten data, then 
he is really BIG and has the means to get them anyway, like installing a 
bug in my machine or whatever.

- -- 
Cheers,
       Carlos Robinson
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
Comment: Made with pgp4pine 1.76

iD8DBQFDgT94tTMYHG2NR9URAlS1AJ98S24f4niMnRlZBVsRPVPGZ1g9vACfTkHl
+sWXZRfFcv4qvFYoI80lZ+w=
=J62V
-----END PGP SIGNATURE-----


-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here