Hi Carlos, Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
The Friday 2005-11-18 at 11:18 +0100, Dirk Schreiner wrote:
The way was to format swap every boottime with a new generated encryption Key and store the key only in the Kernel.
How about in-use speed?
Security is costy SCNR. But as you can use symetric encryption, it is not too costy. Just Think swap is 100 Times slower than Ram. So slowing down swap a little would not have too much Effect overall. And don`t forget, normaly the most swap actions are done during Idle time. Just compare, if it fit`s for you.
And don`t use suspend to harddisk ;-))
Too bad :-(
Aehm Linux _is_ wonderful ;-) http://www.suspend2.net/features But anyway, maybe it is easier to shutdown, and reboot, than typing in a long and secure passphrase during boot. Do you have a smartcard reader ? Greetings, Dirk TRIA IT-consulting GmbH Joseph-Wild-Straße 20 81829 München Germany Tel: +49 (89) 92907-0 Fax: +49 (89) 92907-100 http://www.tria.de Registergericht München HRB 113466 USt.-IdNr. DE 180017238 Steuer-Nr. 802/40600 Geschäftsführer: Richard Hofbauer kaufm. Geschäftsleitung: Rosa Igl-------------------------------------------------------- Nachricht von: Dirk.Schreiner@tria.de Nachricht an: robin1.listas@tiscali.es, suse-security@suse.com # Dateianhänge: 0