Putting the "NSA Data Overwrite Standard" Legend to Death... (fwd)

Dave Howe DaveHowe at gmx.co.uk
Sun Feb 9 16:58:34 PST 2003


Jim Choate wrote:
> On Sun, 9 Feb 2003, Dave Howe wrote:
>
>> Jim Choate wrote:
>>> Yes, it can mount the partition. That isn't the problem. The problem
>>> is that for lilo to do this it has to have access to the key in
>>> plaintext. That makes the entire exercise moot.
>> not if you have to type it every time.
> Then I'd say lilo isn't mounting it, you are.
no, lilo is. if you can mount a pgpdisk (say) without software, then you
are obviously much more talented than I am :)

for virtual drives, the real question is at what point in the boot process
you can mount a drive - if it is not until the os is fully functional, then
you are unable to protect the os itself. if the bootstrap process can mount
the drive before the os is functional, then you *can* protect the os. Win9x
uses dos as its bootstrap (and drivespace gives a good example of a virtual
drive system that can hand over to a 32bit driver as the os starts). lilo
*could* kick a virtual drive into existence during the kernel boot, given
such a driver and some patches to both kernel and lilo itself. that it
would need a password from somewhere during this process is both obvious and
not a major issue.




