>I can't speak for Mr Romero, but I imagine what he's after is plausible >>deniability. The GELI metadata on a volume unambiguously declares it to >be >encrypted data.
Agree. And I think this feature is in demand, taking into account growing number of jurisdictions, where a person could be legally obliged to surrender keys/passwords. On Sun, Jun 9, 2013 at 10:51 PM, Greg Rivers <[email protected]> wrote: > On Sun, 9 Jun 2013, Pawel Jakub Dawidek wrote: > >> On Sat, Jun 08, 2013 at 03:02:10PM +0300, Andrew Romero wrote: >> > Hi all >> > I made a patch to support of external header (metadata) on GEOM ELI >> > (geli) >> > > System: FreeBSD 9-STABLE r250964 i386 >> > > geli patch - http://pastebin.com/UGpnMN19 >> > regresion patch - http://pastebin.com/hJVkTpJZ >> >> I don't mean to discourage you, but every additional complexity comes at >> risk and it case of GELI this is security risk. What is missing in your work >> is explanation how it that useful for the users? How do you use it? First I >> need to understand and be convinced that this functionality is generally >> useful and thus is worth additional complexity and risk. >> > > I can't speak for Mr Romero, but I imagine what he's after is plausible > deniability. The GELI metadata on a volume unambiguously declares it to be > encrypted data. > > Properly implemented, I think this could be a worthwhile enhancement for > certain applications or circumstances where one may not wish to invite > further scrutiny. > > -- > Greg Rivers > > _______________________________________________ > [email protected] mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-geom > To unsubscribe, send any mail to "[email protected]" _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-geom To unsubscribe, send any mail to "[email protected]"
