[prev in list] [next in list] [prev in thread] [next in thread]
List: gnupg-users
Subject: Re: Prosecution based on memory forensics
From: Sascha Silbe <sascha-ml-reply-to-2011-1 () silbe ! org>
Date: 2011-01-16 19:21:08
Message-ID: 1295204945-sup-8177 () xo15-sascha ! sascha ! silbe ! org
[Download RAW message or body]
[Attachment #2 (--=-1295205668-690639-1156-378-5-=)]
Excerpts from Werner Koch's message of Fri Jan 14 21:01:45 +0100 2011:
> It would definitely be helpful because it makes a safe installation muc=
h
> easier. It will be used automagically and thus one does not need to
> fiddle with suspend scripts. All the password managers would benefit
> form that as they all have the same problem.
> The main threat model would be a stolen laptop with cached passphrases
> in suspend or hibernation mode. Might also be useful for smartphones.
Sounds nice for some users. But please don't forget about users who
don't want their pass phrase to be forgotten during suspend:
1. Users on systems that aggressively auto-suspend during regular
operation (e.g. on the OLPC XO).
2. Users with a threat model that doesn't consider "stolen during
suspend-to-RAM" to be different from "stolen while powered on".
So please make it easy to opt out from, preferably both on a system-wide
(to deactivate it for all applications that might make use of it) and a
per-user basis (i.e. without requiring root access).
Sascha
-- =
http://sascha.silbe.org/
http://www.infra-silbe.de/
["signature.asc" (signature.asc)]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.1.0beta1 (GNU/Linux)
iQEcBAEBCAAGBQJNM0UkAAoJELpz82VMF3Da4IoIAJq/8+UmUERaG6d40F4ml5BE
RTW3yGSlLrW3EUWd/DdMURSe73+eNRK2VZiJyP7Ud3Czky4kTtPuSL7KJmovVPC6
rAd9yK+e6feCrbnHovunYQmypSPA7HbgasEUUu5EkWfL2NAS7vUm0V9bAU+gGksq
7FyMFvemGcWZG+XC/wRvIKVojjtfV2YgMshv/dbXLCjlvwRalCNZZtQCKR8aYCC0
kplECb0gX2md+8+qFolzUoT5hN34ZFMzbnBxiAGaaL0uz+W3qtEC4mzv0OizqD2f
l6MvNw/UZS4YgxbkERqbLYOQFLts3bBJ7s+47/swU3AyKcMZSsn1YbEpTdil4yY=
=vgxM
-----END PGP SIGNATURE-----
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic