Google
  Web www.spinics.net

Re: Linux distro w/loop-aes

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


-------- Original-Nachricht --------
Datum: Fri, 4 May 2007 00:23:17 +0200
Von: Max Vozeler <max@xxxxxxxxxxxx>
An: linux-crypto@xxxxxxxxxxxx

> > No, we are far from a distro that asks for a memory stick to save 
> > your root gpg files on it. Very far.
> 
> What makes you think so?

What makes me so pessimistic about full disk encryption beginning with the installation? Well, first the fact that I had to struggle with every single SuSE distro since I started with 8.1. Two hours ago I had a (deeper) look at Kubuntu 7.04 amd64 regarding its loop-aes capabilities. It was embarrassing. I found your name several times when people asked where they may get the appropriate packages to build the loop module. As of today:
- ubuntu lacks loop-aes (feisty)
- debian (!) packages have to be used as interim solution to get it working somehow
- the ubuntu 7.04 DVD starts a live system where rmmod loop fails
- not even a successful build of the loop.ko can be verified from within the live system

To avoid misunderstandings, I appreciate your engagement in debian and ubuntu! My words are not criticism but ubuntu isn´t much closer to loop-aes than SuSE.

With regard to FULL disk encryption I have serious doubts if the majority of debian/ubuntu users want such deep interventions in the kernel configuration. Up to now I always had to build a special kernel to include vfat, usb, serial ata, native language support and the like. For this evening it looks like it will remain the same even with debian and ubuntu anyway. Nonetheless, ubuntu and SuSE are fine distros with installers that most people are able to use. What you build upon this basis remains up to you.

> If they already handle e.g. loading of
> pre-configuration from floppy or USB media, it may not be much work
> to extend it for write access and generating/storing the keys.

"USB media" invites me to explain why I am so crazy about this option. USB media are no bulky boxes! It is more like this:
Dimensions: 15mm x 11mm x 1mm(L x W x D)
http://sandisk.com/Products/ProductInfo.aspx?ID=1195
And don´t forget, the cheap 128 MB version is already oversized.

-- 
"Feel free" - 10 GB Mailbox, 100 FreeSMS/Monat ...
Jetzt GMX TopMail testen: http://www.gmx.net/de/go/topmail

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/


[Home]     [Kernel]     [Linux Crypto]     [Gnu Crypto]     [Gnu Classpath]     [Netfilter]     [Bugtraq]     [Network Security Reading]

Add to Google