On 2003-07-15, Thomas Shaddack uttered:
Take a relay and connect it to a door switch.
Precisely. It's not just about manual shutdown, but all surprise shutdowns. Also, I'm afraid of the possibility that simply switching the power off might not do the trick -- we don't care about how dirty the system state will become short of dataloss outside the current working set, but we do need to be sure all crypto and plaintext I/O relevant state is properly purged from memory and peripherals. There are plenty of examples like printer buffers, random pools, already keyed smartcards, anything you're currently showing on-screen (I wouldn't be surprised if that could be read after sustained powerdown), any battery backed memory, off-the-shelf peripherals which do not admit crypto, and so on. Probably we'd also want to make the machine as dead as possible, shutting down any remote power-on features, network connections (otherwise retries might go on for a fair while), open phone lines, whathaveyou. That's why we might need software, and not just the power switch. I can also imagine situations where we'd want to be able to perform manual shutdowns remotely. -- Sampo Syreeni, aka decoy - mailto:decoy@iki.fi, tel:+358-50-5756111 student/math+cs/helsinki university, http://www.iki.fi/~decoy/front openpgp: 050985C2/025E D175 ABE5 027C 9494 EEB0 E090 8BA9 0509 85C2