Full HDD encryption (including swap space and hibernate file) and powered down or hibernated (s2disk) machine is the only way to go.
It is possible (assuming Linux system with LUKS with minor modification of the kernel) to chroot to ramfs, drop the encryption keys, suspend the system to RAM and ask for the keys after resume, the rest of the RAM is still possibly readable by an attacker. On 12/27/2012 09:51 PM, Jerzy Łogiewa wrote: > I am just reading this, > http://www.schneier.com/blog/archives/2012/12/breaking_hard-d.html > > Can we start some discussion about good notebook travel habit? I have read > Jacob Appelbaum say he does not travel with _ANY_ drive in notebook, and this > seem to be extreme. > > Without removing drive, what is the best habit for FDE for prevent attacks as > Schneier describe? Full power-down? No hibernate file? Any other things? > > -- > Jerzy Łogiewa -- [email protected] > > -- > Unsubscribe, change to digest, or change password at: > https://mailman.stanford.edu/mailman/listinfo/liberationtech >
-- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
