[tor-talk] janusvm still safe?
tor at lists.grepular.com
tor at lists.grepular.com
Fri Dec 23 06:05:13 PST 2011
On 23/12/11 01:00, Gozu-san wrote:
> Using encrypted LVM, swap (everything except boot) is encrypted. Still,
> amnesia requires shutting down the host. If total amnesia is important,
> you can turn off swap, write zeros to it, and then turn it back on again.
I use encrypted LVM on my laptop. I disabled swap altogether. I placed
the boot partition and boot loader on a separate USB stick which I keep
on my person at all times. The full disk encryption uses a key file
rather than a password. The key file lives on the USB stick, protected
using GnuPG's symmetric encryption option. I also patched my Linux
kernel with something called TRESOR to prevent the full disk encryption
key living in RAM, to help defend against cold boot attacks. I wrote it
all up here:
https://grepular.com/Protecting_a_Laptop_from_Simple_and_Sophisticated_Attacks
--
Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc
Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell
PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
_______________________________________________
tor-talk mailing list
tor-talk at lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
More information about the cypherpunks-legacy
mailing list