[vox-tech] Which cipher to use?
Shawn P. Neugebauer
vox-tech@lists.lugod.org
Tue, 4 Jun 2002 12:41:12 -0700
On Monday 03 June 2002 10:25 pm, you wrote:
[snip]
> > > Why bother encrypting my swap? Losta passwords go in there in
> > > plaintext, easily recoverable with a boot disk.
> >
> > Hrm, I'd argue that this isn't true. Many applications specifically pin
> > pages so they aren't swappable (I.e. ssh). Not to mention a healthy
> > linux box shouldn't be swapping bins out to disk while they are being
> > actively used. Have you ever found a password there?
>
> Yea, I grep'ed it for fragments of several passwords I use and found them.
I'm a little skeptical. What size fragment? Statistically, you may find
an arbitrary sequence if it's short enough. Did you actually try this after
having booted with a boot disk?
Even assuming it is a potential problem, has anyone done some simple web
research? This *cannot* be a new concern. Before people start throwing
around possible solutions, fixes, patches, etc. it would be good to look
around for what is already known here, and it's certain to be quite a bit.
Here are a two interesting references I found in 30 seconds:
http://www.citi.umich.edu/u/provos/papers/swapencrypt.ps.gz
http://mail-index.netbsd.org/tech-kern/2001/06/04/0013.html
In short, I think one has to be severely paranoid to want to pay the
costs (performance, physical security, time, labor, risk of data
loss--forgetting password--etc.) associated with this. A cost/benefit
analysis is called for.
shawn.