I found LUKS recently through SUSE Linux 10.3,
and the other night a read an article in c't 2006/11.
I can't seriously appreciate the technical internals,
as I'm not too compentent there.
Anyway: Kudos to Clemens Fruhwirth!
But I am not really sure, whether I can trust, what I read in that article regarding the master key,
spefically that the master key can be read from the LUKS volume by the sys admin without any difficulties.
Does that really mean, that as soon as somebody gains control over my computer with a mounted LUKS encrypted (external) disc
and he also manages to gain root priviliges,
that he can retrieve the necessary information,
to mount that disc himself with LUKS-means again?!?
I mean without me passing the keys to him.
If that is seriously so,
I think I will have to find myself another disc encryption toolset,
as I cannot tolerate, that intruders can deal with my personal data without my explicit permission and support.
Whether those intruders have governmental permissions, I don't f...ing care.
I appreciate your serious comments.
J.
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-security+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security+help(a)opensuse.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
(I'm new to vmware)
vmware server created two interfaces, vmnet1 and vmnet8 - the task of each
one I have not clear -. The thing is, the hosted system (virtual machine)
does have network access (I told it to use Nat), but I don't really know
how, and whether it is protected by the firewall.
Of course, if there is a nice, easy to read, howto, just tell me :-)
- --
Cheers,
Carlos Robinson
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Made with pgp4pine 1.76
iD8DBQFGfPrYtTMYHG2NR9URAoRuAJ4nJ3yrjs3UpqJLMJRwZEqdqABbywCeIhG+
gMr9AyJMG/WCqb182jY6pz0=
=k+Hr
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-security+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security+help(a)opensuse.org
Hi,
Marcus Meissner wrote
>____________________________________________________________________
>
> 2) Pending Vulnerabilities, Solutions, and Work-Arounds
>
> - Kernel Update
>
> We are currently preparing a kernel update for SUSE Linux Enterprise Server 9,
> Novell Linux Desktop 9, SUSE Linux 10.0 and 10.2 to roll out fixes for
> current security problems. It is scheduled to be be released in the week of
> June 11.
now that the SLES9 kernels were just release I read this again an wonder
if it's correct that are no updates planned for SuSE 10.1 (meaning SLES10,too)
while they are planned for 10.0 and 10.2?
cu,
Frank
--
Dipl.-Inform. Frank Steiner Web: http://www.bio.ifi.lmu.de/~steiner/
Lehrstuhl f. Bioinformatik Mail: http://www.bio.ifi.lmu.de/~steiner/m/
LMU, Amalienstr. 17 Phone: +49 89 2180-4049
80333 Muenchen, Germany Fax: +49 89 2180-99-4049
* Rekursion kann man erst verstehen, wenn man Rekursion verstanden hat. *
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-security+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security+help(a)opensuse.org
Hi,
I read in a recent thread that bug-fix updates for SuSE LINUX 9.3 stopped
on 15th April 2007. Does anyone know if this includes security fixes?
Specifically the latest samba vulnerability (SUSE-SA:2007:031) did not
list "SUSE LINUX 9.3" under affected products. Is this because it really
is invulnerable, or because security fixes for this distribution have
stopped?
The latest version of samba for this distribution is 3.0.13-1.6 and the
security advisories on the samba.org site list at least some of the issues
as affecting versions 3.0.0 through to 3.0.25rc3, which suggests it might
be vulnerable...
Thanks
J Bromley
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-security+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security+help(a)opensuse.org