Someone wrote in [personal profile] mjg59 2013-07-03 08:07 pm (UTC)

Re: Threat to dm-crypt

I just think: Friends wouldn't let friends use this feature.

Zeroing on resume is some comfort, probably reducing the persistence of this on disk.

But whilst appearing to be a convenience, at least temporarily it must write a snapshot of the user's activities since the last cold boot onto non-volatile storage. (Mostly recent, and falling off logarithmically by age). That data might stay there for months until the device is stolen, sent away for repair, sold or disposed of. It might include documents and media, session cookies, password keyrings, random excerpts of keyboard input or copies of things from removable media, and probably lots of email and Internet history, even if that was transferred encrypted. And still recoverable if since deleted on-disk with a 'secure erase', or encryption products used for swap, individual files, containers or the whole disk.
