Re: Cryptoswap -- was Re: raw disk access

To: debian-security@lists.debian.org
Subject: Re: Cryptoswap -- was Re: raw disk access
From: Hubert Chan <hubert@uhoreg.ca>
Date: Wed, 15 Jan 2003 15:14:58 -0500
Message-id: <[🔎] 871y3ecgql.fsf@labatt.uhoreg.ca>
In-reply-to: <[🔎] 20030115121728.GA1518@wimp.flatline.de> (Andreas Kotes's message of "Wed, 15 Jan 2003 13:17:29 +0100")
References: <[🔎] 1041995302.6379.49.camel@cartman.veeev.net> <[🔎] 20030108041658.GA8878@nautilus> <[🔎] 20030114151510.GO22848@vnl.com> <[🔎] 1042551911.5328.15.camel@sunlap> <[🔎] 20030114233524.GA25242@afrika> <[🔎] 87u1gbxg7t.fsf@labatt.uhoreg.ca> <[🔎] 20030115121728.GA1518@wimp.flatline.de>

>>>>> "Andreas" == Andreas Kotes <count-debian@flatline.de> writes:

[...]

Andreas> FUD alert! I like loop-AES, too, and would REALLY love general
Andreas> inclusion into Debian kernels, but this doesn't mean the
Andreas> authors of alternatives are/may be idiots.

Andreas> Please don't spread Fear, Uncertainty and Doubt without
Andreas> referring to facts you're sure of. Leave that to Mickeysoft ;)

I wasn't trying to spread FUD.  See how my first sentence was a
question, and my use of "I couldn't find [information]" and "I don't
think", all of which are asking for more clarification.

All I know is that when Jari first announced that loop-AES officially
supports swap encryption, and detailed what the issues involved were, he
mentioned that cryptoapi did not, at that time, handle things properly.
Recently, I searched the kerneli.org page, and did a Google search, and
could find nothing resembling an official statement, or even an
implication from an official source, that cryptoapi/cryptoloop supports
swap encryption.  Glancing through the changelogs, I did not find
anything that suggested that cryptoapi/cryptoloop supports encrypted
swap.

The author(s) of cryptoapi were aware of Jari's announcement and, to my
knowledge, didn't try to refute anything.  You can find all the details
on the linux-crypto list (do a Google search for it, and I think it's
even linked from the kerneli page), around August 2001.  A google search
for "encrypted swap" actually brings Jari's announcement as the first
result.  (Looking back, I see that there are actually a few relevant
posts by Jari, in August/September 2001.

If you can point me to an official statement, please let me know.
Things to the effect of "it works for me" don't count, since the issue
doesn't seem to be terribly likely to occur.  Since you have asked me
not to spread FUD without referring to facts, I would ask that you
return the same courtesy and not call someone on spreading FUD without
referring to facts.

-- 
Hubert Chan <hubert@uhoreg.ca> - http://www.uhoreg.ca/
PGP/GnuPG key: 1024D/124B61FA
Fingerprint: 96C5 012F 5F74 A5F7 1FF7  5291 AF29 C719 124B 61FA
Key available at wwwkeys.pgp.net.   Encrypted e-mail preferred.

Attachment: pgp2Mm3siYb71.pgp
Description: PGP signature

Reply to:

Follow-Ups:
- Re: Cryptoswap -- was Re: raw disk access
  - From: Andreas Kotes <count-debian@flatline.de>

References:
- raw disk access
  - From: viv <viv@veeev.com>
- Re: raw disk access
  - From: Andrew Sayers <andrew-list-debian-security@ccl.bham.ac.uk>
- Re: raw disk access
  - From: Dale Amon <amon@vnl.com>
- Cryptoswap -- was Re: raw disk access
  - From: Joshua SS Miller <joshua@fitsnips.net>
- Re: Cryptoswap -- was Re: raw disk access
  - From: Rolf Kutz <kutz@netcologne.de>
- Re: Cryptoswap -- was Re: raw disk access
  - From: Hubert Chan <hubert@uhoreg.ca>
- Re: Cryptoswap -- was Re: raw disk access
  - From: Andreas Kotes <count-debian@flatline.de>

Prev by Date: Re: Cryptoswap -- was Re: raw disk access
Next by Date: Re: Cryptoswap -- was Re: raw disk access
Previous by thread: Re: Cryptoswap -- was Re: raw disk access
Next by thread: Re: Cryptoswap -- was Re: raw disk access
Index(es):
- Date
- Thread