Russ Allbery <[email protected]> writes: > It all depends on what threat model that you're trying to defend > against. Right now, the goal is to get unencrypted files with obvious, > easily-accessible private information off of people's laptops. One step > at a time. Scraping data out of system page files requires an attacker > with actual tools and some understanding of how the operating system > works; it would be nice to defend against such people as well, but > they're considerably rarer and, in that case, you're generally looking > at a targeted attack.
(And, yes, I realize that this same argument applies to the AFS cache, and we are allowed to not care about the AFS cache if there's no easy solution, but if there is one, I'd like to offer some options. After all, maybe some day we'll be doing something about the page file and whatnot as well. I don't want AFS to be the weakest link.) -- Russ Allbery ([email protected]) <http://www.eyrie.org/~eagle/> _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
