Date: Tue, 8 Sep 2015 19:51:16 +0100 From: Igor Mozolevsky <igor@hybrid-lab.co.uk> To: "Li, Xiao" <xaol@amazon.com> Cc: Hackers freeBSD <freebsd-hackers@freebsd.org>, Analysiser <analysiser@gmail.com> Subject: Re: Passphraseless Disk Encryption Options? Message-ID: <CADWvR2hHFYYKLGAW-YsAK_XQ7E5bdWjDxbTMgDfk4Ca8B05LcA@mail.gmail.com> In-Reply-To: <D2147761.1A53%xaol@amazon.com> References: <8B7FEE2E-500E-49CF-AC5E-A2FA3054B152@gmail.com> <CADWvR2iv7xz02Fw9b=159%2BSMuphQGRKZsfyy9DDeqGMxn=p1BA@mail.gmail.com> <D214715D.1A32%xaol@amazon.com> <CADWvR2iVubsBQjnvQ8mDGGS7ujsR8wPQ2RAxn=kvFkmVGQkXiQ@mail.gmail.com> <D2147761.1A53%xaol@amazon.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 8 September 2015 at 19:35, Li, Xiao <xaol@amazon.com> wrote: > Agreed, that=C2=B9s why I=C2=B9m stuck in here: it seems like something e= ither > unachievable or haven=C2=B9t been done before. I mentioned Apple=C2=B9s m= ethod is > only because it is something similar in that both requires a full disk > encryption on startup disk. But Apple=C2=B9s way is like to decrypt the d= isk on > login; I=C2=B9m trying to decrypt the disk during prelogin after the boot= . > I think you're missing the point- I suspect Apple's login *is* the decrypt process- OS X needs something from the user to give access to the data; without the user typing in their password, the data on the disk (as I said) is just a source of entropy. --=20 Igor M.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CADWvR2hHFYYKLGAW-YsAK_XQ7E5bdWjDxbTMgDfk4Ca8B05LcA>