[tor-talk] [tor-dev] resistance to rubberhose and UDP questions

tor at lists.grepular.com tor at lists.grepular.com
Sat Oct 6 19:54:55 UTC 2012


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 06/10/12 20:42, adrelanos wrote:

>> FYI, if you use TRESOR/Trevisor, you can protect your OS
>> encryption keys from cold boot attacks:

> I like the basic idea very much.
> 
> Does this patch still work against latest kernel of your distro?

Not without some modifications. They currently provide patches for
vanilla 2.6.36, 3.0.9 and 3.0.43

> Does this force you to compile your own kernel each time your
> distro released a kernel upgrade?

Yes. So I don't always upgrade whenever my distro does. I keep an eye
on the commit log to see if there is anything specific that I
must/want to upgrade for.

> Do you know if they tried upstreaming their work to the kernel?

I don't know, no. I wish they would. It would make my life much easier :)

FWIW, I wrote up a bunch of stuff I did to make my laptop more secure,
including using TRESOR, last year. There are some useful links in it:
https://grepular.com/Protecting_a_Laptop_from_Simple_and_Sophisticated_Attacks

- -- 
Mike Cardwell  https://grepular.com/     http://cardwellit.com/
OpenPGP Key    35BC AF1D 3AA2 1F84 3DC3  B0CF 70A5 F512 0018 461F
XMPP OTR Key   8924 B06A 7917 AAF3 DBB1  BF1B 295C 3C78 3EF1 46B4
-----BEGIN PGP SIGNATURE-----

iQGGBAEBCgBwBQJQcIyOMBSAAAAAACAAB3ByZWZlcnJlZC1lbWFpbC1lbmNvZGlu
Z0BwZ3AuY29tcGdwbWltZTgUgAAAAAAVABpwa2EtYWRkcmVzc0BnbnVwZy5vcmdt
aWtlLmNhcmR3ZWxsQGdyZXB1bGFyLmNvbQAKCRCdJiMBwdHnBNemB/4hUhuUemh2
IDnbJ0miRHyrMtZ1mcCP61laKvRG6lpPx+b41GnQfR+qipPbfdK6lTgk4R9hhYPw
W5fsXFzyXSXr6QK0gBKwN+FCCLjyTLl4kbEx6t9zvEWuJYQPvcnO5xSPn5DRos3p
ftD8sUvH9xZsJnRJXbn6tyro0FfHugEagiZaGsFb75ZMnJQKHYogBZ7wSGeig7zo
u49bvlv0lbYZpd8cBysqcRI9Og/uGyL5v7gyYShOqJrBpuzSUPRG2lD/ApjNmJNg
vpjsLbK6dF0uvzE3yy0Es1VB1DGSuXCWO9VhS6PohANmiqj5pvC3jVPU+LlNyaYt
W/xF/DKY2KvF
=wK0a
-----END PGP SIGNATURE-----


More information about the tor-talk mailing list