From tor@lists.grepular.com Fri Jul 6 02:42:02 2018 From: tor@lists.grepular.com To: cypherpunks-legacy@lists.cpunks.org Subject: Re: [tor-talk] janusvm still safe? Date: Fri, 06 Jul 2018 02:42:02 +0000 Message-ID: <172289270930.3881296.9824648343503466093.generated@mail.pglaf.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============3934037335658446427==" --===============3934037335658446427== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit On 23/12/11 01:00, Gozu-san wrote: > Using encrypted LVM, swap (everything except boot) is encrypted. Still, > amnesia requires shutting down the host. If total amnesia is important, > you can turn off swap, write zeros to it, and then turn it back on again. I use encrypted LVM on my laptop. I disabled swap altogether. I placed the boot partition and boot loader on a separate USB stick which I keep on my person at all times. The full disk encryption uses a key file rather than a password. The key file lives on the USB stick, protected using GnuPG's symmetric encryption option. I also patched my Linux kernel with something called TRESOR to prevent the full disk encryption key living in RAM, to help defend against cold boot attacks. I wrote it all up here: https://grepular.com/Protecting_a_Laptop_from_Simple_and_Sophisticated_Attacks -- Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F _______________________________________________ tor-talk mailing list tor-talk(a)lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ----- End forwarded message ----- -- Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE --===============3934037335658446427==--