Date: Tue, 14 Oct 2014 12:34:05 -0400 From: "Michael W. Lucas" <mwlucas@michaelwlucas.com> To: RW <rwmaillists@googlemail.com> Cc: freebsd-hackers@freebsd.org Subject: Re: GBDE not protecting the user Message-ID: <20141014163405.GA26488@mail.michaelwlucas.com> In-Reply-To: <20141013132926.164cece9@gumby.homeunix.com> References: <20141010215842.GA6717@mail.michaelwlucas.com> <20141011113008.705ba16d@X220.alogt.com> <20141011074412.GA9432@mail.michaelwlucas.com> <20141013132926.164cece9@gumby.homeunix.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Oct 13, 2014 at 01:29:26PM +0100, RW wrote: > You can overwrite the geli metadata on the end of the provider with dd. > Preferably the whole partition if you want to be sure because anyone > that's ever had access to the disk could have copied the metadata. > > If you are going to use a passphrase I'd recommend geli which has > password strengthening. If Mallory is holding a gun to my head, I want the computer to say "The passphrase entered by the user is correct, but the on-disk decryption keys no longer exist. The user has cooperated fully. Please don't shoot him." GELI does not do this. It's designed for a different threat model. That's not a problem, or a weakness. GBDE does. Or, rather, it's supposed to. Hence this bug report. It's an unusual use case, yes. But the people who need this functionality REALLY need it. ==ml -- Michael W. Lucas - mwlucas@michaelwlucas.com, Twitter @mwlauthor http://www.MichaelWLucas.com/, http://blather.MichaelWLucas.com/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20141014163405.GA26488>