Women in Technology

Hear us Roar



Article:
  An Unencrypted Look at FileVault
Subject:   Vault and the swapfile
Date:   2003-12-21 12:29:06
From:   anonymous2
Response to: Vault and the swapfile

I too worry about the swap file. that seems to me a glaring hole large enough to drive a truck through, unless the swap file is also encrypted.
Full Threads Oldest First

Showing messages 1 through 5 of 5.

  • Vault and the swapfile
    2003-12-21 14:53:46  tychay [View]

    Hardly. Windows and Unix have this same "glaring hole". Most of what goes in the swapfile are idle system and application libraries.

    Take care,

    terry
    • Vault and the swapfile
      2003-12-21 15:03:16  anonymous2 [View]

      in linux though, it's pretty using to use an encrypted swap partition.
      • Vault and the swapfile
        2003-12-21 15:15:38  tychay [View]

        Huh?

        Swap files in Linux are stored in a special filesystem called "swap" which stripes the data across volumes. It is not encrypted.

        It can be made to be encrypted. I only know of one majordistribution that has this feature (Mandrake) and it isn't well known nor enabled-by-default. The reason is that Linux is mostly used in a server environment where it is hard to physically compromise the machine.

        There are a lot of "secure" distribution versions of popular distributions (Knoppix-MIB for instance) and software add ons (via init scripts) that can enable it. For the most part they work by doing what I suggested earlier with the minor difference that swapfiles in Darwin are files, not filesystems.

        They also can be made to encrypt or hold resident in RAM /tmp. Another nice feature.

        The best solution in the Darwin world is to port the secure swap features from OpenBSD.

        Take care,

        terry
        • Vault and the swapfile
          2003-12-21 17:22:41  anonymous2 [View]

          check out http://loop-aes.sourceforge.net/

          using an encrypted swap partition in linux is a compile of a kernel module away. I've been using it for over a year. In the past I used it with redhat, now I use it with gentoo.

          • Vault and the swapfile
            2003-12-21 17:41:38  anonymous2 [View]

            the stable gentoo kernel has a large crypto-API in it which I think can be used to encrypt swap also, I haven't checked yet