Mailinglist Archive: opensuse (3337 mails)

< Previous Next >
Re: [opensuse] cryptoloop
  • From: Carl-Daniel Hailfinger <c-d.hailfinger.devel.2006@xxxxxxx>
  • Date: Fri, 21 Apr 2006 15:23:00 +0200
  • Message-id: <4448DCB4.1090105@xxxxxxx>
Oliver Tennert schrieb:
> Am Freitag, 21. April 2006 14:43 schrieb Lars Hecking:
>
>>>Now, obviously SUSE ist going to switch from an absolutely not widespread
>>>solution to an obsolete solution, and furthermore announces this as a
>>>novelty for the next-generation enterprise distro. What is this? Every
>>>other Distro (Fedora, RedHat, Debian, Ubuntu et al.) is using dm-crypt
>>>and even going to
> Why cryptoloop is bogus can be read here:
>
> http://lwn.net/Articles/67216/

And back at the time it was said that dm-crypt had the same problems.
Maybe these problems have been solved, maybe not. At the time SUSE
switched to cryptoloop, dm-crypt was still broken. So exchanging
an out-of-tree disk encryption solution with an in-tree solution
that worked was the best option back then.

Since you refered to a quote from Jari Ruusu about the insecurity of
cryptoloop, please try to find a quote from Rari Ruusu where he
praises LUKS or dm-crypt. You won't find any. Instead you will find
some quotes from Jari Ruusu where he criticizes them, too.

So according to your own arguments, SUSE should NOT ship LUKS or dm-crypt.

Regards,
Carl-Daniel
--
http://www.hailfinger.org/

< Previous Next >
Follow Ups