Date: Sun, 16 Jun 2013 17:47:19 +0300 From: Alaksiej <ac@belngo.info> Cc: freebsd-geom <freebsd-geom@freebsd.org> Subject: Re: geli external header (metadata) Message-ID: <CAHsZcQHLNsoKmffWVHn0DTZSjFAHRDwoOZXZ%2BXaFuh1KRLBH2w@mail.gmail.com> In-Reply-To: <alpine.BSF.2.00.1306091442080.80438@badger.tharned.org> References: <51B31D42.2010801@gmail.com> <20130609182457.GB2468@garage.freebsd.pl> <alpine.BSF.2.00.1306091442080.80438@badger.tharned.org>
next in thread | previous in thread | raw e-mail | index | archive | help
>I can't speak for Mr Romero, but I imagine what he's after is plausible >deniability. The GELI metadata on a volume unambiguously declares it to >be encrypted data. Agree. And I think this feature is in demand, taking into account growing number of jurisdictions, where a person could be legally obliged to surrender keys/passwords. On Sun, Jun 9, 2013 at 10:51 PM, Greg Rivers <gcr+freebsd-geom@tharned.org> wrote: > On Sun, 9 Jun 2013, Pawel Jakub Dawidek wrote: > >> On Sat, Jun 08, 2013 at 03:02:10PM +0300, Andrew Romero wrote: >> > Hi all >> > I made a patch to support of external header (metadata) on GEOM ELI >> > (geli) >> > > System: FreeBSD 9-STABLE r250964 i386 >> > > geli patch - http://pastebin.com/UGpnMN19 >> > regresion patch - http://pastebin.com/hJVkTpJZ >> >> I don't mean to discourage you, but every additional complexity comes at >> risk and it case of GELI this is security risk. What is missing in your work >> is explanation how it that useful for the users? How do you use it? First I >> need to understand and be convinced that this functionality is generally >> useful and thus is worth additional complexity and risk. >> > > I can't speak for Mr Romero, but I imagine what he's after is plausible > deniability. The GELI metadata on a volume unambiguously declares it to be > encrypted data. > > Properly implemented, I think this could be a worthwhile enhancement for > certain applications or circumstances where one may not wish to invite > further scrutiny. > > -- > Greg Rivers > > _______________________________________________ > freebsd-geom@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-geom > To unsubscribe, send any mail to "freebsd-geom-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAHsZcQHLNsoKmffWVHn0DTZSjFAHRDwoOZXZ%2BXaFuh1KRLBH2w>