Re: Filesystem type survives formatting in debian installer?

To: debian-boot@lists.debian.org
Subject: Re: Filesystem type survives formatting in debian installer?
From: Josef Wolf <jw@raven.inka.de>
Date: Sun, 4 Mar 2007 15:13:20 +0100
Message-id: <[🔎] 20070304141320.GH24819@raven.wolf.local>
Mail-followup-to: Josef Wolf <jw@raven.inka.de>, debian-boot@lists.debian.org
In-reply-to: <[🔎] 20070303150405.GA4408@hardeman.nu>
References: <20070225122626.GA17113@raven.wolf.local> <[🔎] 20070301222108.GA739@hardeman.nu> <[🔎] 20070302001749.GD24819@raven.wolf.local> <[🔎] 35715.145.64.134.244.1172822341.squirrel@www.hardeman.nu> <[🔎] 20070302172619.GE24819@raven.wolf.local> <[🔎] 20070302205027.GB453@hardeman.nu> <20070303101621.GF24819@raven.wolf.local> <[🔎] 20070303150405.GA4408@hardeman.nu>

On Sat, Mar 03, 2007 at 04:04:05PM +0100, David Härdeman wrote:

> >>Which libklibc version does your installed system use?
> >
> >1.4.0-0ubuntu3 at first reboot
> >1.4.0-0ubuntu  after apt-get upgrade
> >
> >Is this _down_graded by apt-get?  Or does "dpkg -l" cut off its output?
> >
> >Do you think libklibc is causing the problem?
> 
> I'm pretty certain that it could, I wrote a number of patches against 
> klibc to deal with luks partitions in a proper manner, the most 
> important ones appeared in 1.4.9 and some less important ones appeared 
> in 1.4.31. One of the fixes was to perform the fs detection in the 
> correct order (meaning that leftover signatures would not pose a 
> problem).
> 
> So, somehow make sure that a newer libklibc is installed to /target 
> during the late_command phase, and make sure the initramfs is generated 
> using that klibc.

Ah, OK.  Thanks!

> >Besides, my further plan is to re-use this old partition as (encrypted)
> >swap space later on.  So I will randomize it.  But I don't see the need
> >to shred it or something.
> 
> But if you make an installation media which is to be used by others, and 
> they install a new OS to disk which uses encryption, they will 
> reasonably expect that any old data from any previous installations will 
> be gone?

Randomizing is OK, but shred would take too long.

> >Finally, you got me.  I almost forgot about this one.  Unfortunately,
> >/dev/urandom is soooo sloooow. :-(
> >
> >Maybe "dd if=/dev/zero of=/dev/mapper/xxx" (using dmcrypt to "randomize")
> >would be faster.  But, OTOH, I bet this method would open some
> >vulnerabilities (known-plaintext attacks).
> 
> I don't think it is. If the output from e.g. aes would be 
> distinguishable from random data, that would be a strong indication that 
> aes was broken. Besides, it is basically the method the installer uses 
> so I really hope it is sane :)

I am not a crypto expert.  But AFAIK having huge amounts of known plaintext
and its chiphertext makes attacks easier.

Reply to:

References:
- Re: Filesystem type survives formatting in debian installer?
  - From: David Härdeman <david@hardeman.nu>
- Re: Filesystem type survives formatting in debian installer?
  - From: Josef Wolf <jw@raven.inka.de>
- Re: Filesystem type survives formatting in debian installer?
  - From: David Härdeman <david@hardeman.nu>
- Re: Filesystem type survives formatting in debian installer?
  - From: Josef Wolf <jw@raven.inka.de>
- Re: Filesystem type survives formatting in debian installer?
  - From: David Härdeman <david@hardeman.nu>
- Re: Filesystem type survives formatting in debian installer?
  - From: David Härdeman <david@hardeman.nu>

Prev by Date: Bug#413354: marked as done (debian-installer: Boot screen should have notification about graphical installer)
Next by Date: Re: D-I RC2 - Status and schedule - Post-Etch development
Previous by thread: Re: Filesystem type survives formatting in debian installer?
Next by thread: Re: Filesystem type survives formatting in debian installer?
Index(es):
- Date
- Thread