[Cryptography] It's all K&R's fault
John Gilmore
gnu at toad.com
Tue Apr 22 14:17:16 EDT 2014
> And encrypted swap is really the sweet spot for encryption
> because all the key management problems just go away...
You would think so, and so would I, but as usual in security software,
we would be wrong. There are key management problems in making the
swap partition usable by the BIOS, by subsequently booted copies of
this OS or different OSes, etc:
"Encrypted swap no longer mounted at bootup"
https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/953875
"Reinstalling over a previous installation with encrypted swap displays a "Continue without swap" warning dialog"
https://bugs.launchpad.net/ubuntu/+source/ubiquity/+bug/1066342
"encrypted swap reused from previous install when wiping and reinstalling"
https://bugs.launchpad.net/ubuntu/+source/ubiquity/+bug/1097890
"Do not offer hibernate with encrypted swap"
https://bugs.launchpad.net/ubuntu/+source/devicekit-power/+bug/423608
"gnome-power-manager hibernates even when using encrypted swap"
https://bugs.launchpad.net/ubuntu/+source/gnome-power-manager/+bug/722145
Sigh...
John
More information about the cryptography
mailing list