On Mon, Mar 28, 2016 at 6:35 AM, Austin S. Hemmelgarn <ahferroin7@xxxxxxxxx> wrote:

> The other caveat that nobody seems to mention outside of specific cases is
> that using suspend to disk exposes you to direct attack by anyone with the
> ability to either physically access the system, or boot an alternative OS on
> it. This is however not a Linux-specific issue (although Windows and OS X
> do a much better job of validating the hibernation image than Linux does
> before resuming from it, so it's not as easy to trick them into loading
> arbitrary data).

OS X uses dynamically created swapfiles, and the hibernation file is a
separate file that's pre-allocated. Both are on the root file system,
so if you encrypt, then those files are also encrypted. Hibernate
involves a hint in NVRAM that hibernate resume is necessary, and the
firmware uses a hibernate recovery mechanism in the bootloader which
also has a way to unlock encrypted volumes (which are kinda like an
encrypted logical volume, as Apple now defaults to using a logical
volume manager of their own creation).

--
Chris Murphy
