From owner-freebsd-hackers@FreeBSD.ORG  Sun Feb 24 00:03:47 2008
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 14DC016A40B;
	Sun, 24 Feb 2008 00:03:47 +0000 (UTC) (envelope-from ap@bnc.net)
Received: from bis.bonn.org (www.bis.bonn.org [217.110.117.102])
	by mx1.freebsd.org (Postfix) with ESMTP id 61AEE13C4CE;
	Sun, 24 Feb 2008 00:03:45 +0000 (UTC) (envelope-from ap@bnc.net)
X-Junk-Score: 2 [X]
X-SpamCatcher-Score: 2 [X]
X-Junk-Score: 0 []
X-Cloudmark-Score: 0 []
Received: from [194.39.192.125] (account bnc-mail@mailrelay.mailomat.net HELO
	bnc.net) by bis.bonn.org (CommuniGate Pro SMTP 5.2c4)
	with ESMTPSA id 9480312; Sun, 24 Feb 2008 00:05:53 +0100
X-SpamCatcher-Score: 2 [X]
Received: from [194.39.194.142] (account ap HELO wasabi.wlan.bnc.net)
	by bnc.net (CommuniGate Pro SMTP 5.2.0)
	with ESMTPSA id 3077324; Sun, 24 Feb 2008 00:03:35 +0100
Message-Id: <31648FC5-26B9-4359-ACC8-412504D3257B@bnc.net>
From: Achim Patzner <ap@bnc.net>
To: "David E. Thiel" <lx@FreeBSD.org>
In-Reply-To: <20080223222733.GI12067@redundancy.redundancy.org>
Content-Type: multipart/signed; boundary=Apple-Mail-3-14831615; micalg=sha1;
	protocol="application/pkcs7-signature"
Mime-Version: 1.0 (Apple Message framework v919.2)
Date: Sun, 24 Feb 2008 00:03:32 +0100
References: <20080223010856.7244.qmail@smasher.org>
	<20080223222733.GI12067@redundancy.redundancy.org>
X-Mailer: Apple Mail (2.919.2)
X-Content-Filtered-By: Mailman/MimeDel 2.1.5
Cc: freebsd-hackers@freebsd.org
Subject: Re: Security Flaw in Popular Disk Encryption Technologies
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>, 
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 24 Feb 2008 00:03:47 -0000


--Apple-Mail-3-14831615
Content-Type: text/plain;
	charset=US-ASCII;
	format=flowed;
	delsp=yes
Content-Transfer-Encoding: 7bit

>> article below. does anyone know how this affects eli/geli?
>
> There's fairly little any disk crypto system can do to thoroughly  
> defend
> against this.

Hm. Strange. Serious hardware is very well suited to do that (usually
by adding well defended crypto hardware). Keys don't have to be stored
in unsafe places.


Achim Patzner


--Apple-Mail-3-14831615--