Prosecution based on memory forensics

Sascha Silbe sascha-ml-reply-to-2011-1 at silbe.org
Sun Jan 16 20:21:08 CET 2011


Excerpts from Werner Koch's message of Fri Jan 14 21:01:45 +0100 2011:

> It would definitely be helpful because it makes a safe installation much
> easier.  It will be used automagically and thus one does not need to
> fiddle with suspend scripts.  All the password managers would benefit
> form that as they all have the same problem.

> The main threat model would be a stolen laptop with cached passphrases
> in suspend or hibernation mode.  Might also be useful for smartphones.

Sounds nice for some users. But please don't forget about users who
don't want their pass phrase to be forgotten during suspend:

1. Users on systems that aggressively auto-suspend during regular
   operation (e.g. on the OLPC XO).
2. Users with a threat model that doesn't consider "stolen during
   suspend-to-RAM" to be different from "stolen while powered on".


So please make it easy to opt out from, preferably both on a system-wide
(to deactivate it for all applications that might make use of it) and a
per-user basis (i.e. without requiring root access).

Sascha

-- 
http://sascha.silbe.org/
http://www.infra-silbe.de/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 494 bytes
Desc: not available
URL: </pipermail/attachments/20110116/249973da/attachment.pgp>


More information about the Gnupg-users mailing list