On 06/25/2010 04:05 AM, Henry Hertz Hobbit wrote: <SNIP>
Now that you have got it to suspend / hibernate you can either continue to do it and delete this message or read more and decide if you really want to use hibernate or suspend at all. TAP THE DELETE BUTTON NOW! > # dd bs=1048576 count=128 if=/dev/sda7 of=/tmp/SWAP > $ okteta /tmp/SWAP & I should hasten to add I don't mean you should zero the entire SWAP space. I have the following characters at 0xFF6 ... 0xFFF in my SWAP and where ever they are at they should probably be preserved unless the swapper itself over-writes them: SWAPSPACE2 And for Ubuntu 10.04 make sure you select the second safe mode and then boot up to the root login before you start dd'ing away the evidence. Reboot immediately after you have done the dd. I have already done it with an offset past that since I am NOT using full disk encryption (multiple OS problems) and I don't want that hibernate that was stuffed into my SWAP to stay around. Now SWAP will probably stay there with lots of zeros in it instead of the random garbage it had before. It was shocking to see just how much stuff hibernate rammed into the SWAP space. The problem I am seeing with this whole scenario is because he mentioned full disk encryption. What good does full disk encryption do you if you suspend / hibernate? You have basically made that protection for a laptop null and void if your laptop ever gets lost / stolen as long as there is still enough power to boot up. It kind of reminds me of the people using the Enigma cipher that had combination outside / inside indicators for their message settings that had three characters each. So what did they pick? LON-DON, MAD-RID, BER-LIN, ... Why did they do that? "The Enigma machine is unbreakable, so we will just use these keys since they are easy to remember." Let's use hibernate / suspend because we know that Linux is so infinitely secure that it will be okay. Every set of security mechanisms and procedures are no better than their weakest link, Even if you aren't using full disk encryption I still see a problem with hibernate / suspend. If I steal your laptop at a busy airport I am still home free. I just hit the power button and I am in. Let's use hibernate / suspend to save a few seconds will be a thief's best friend. Let's also not encrypt our files because Linux is so much superior to Windows. I can probably make bank on some of the people that responded not using encryption on your files as well. For the some users it is because they are counting on their full disk encryption for their entire protection which the hibernate / suspend just bypassed. For the users without full disk encryption it is because they are smug in their belief that Linux is so infinitely superior that you don't need to do anything more than just run Linux and all the worlds ills go away. Are you sure you want to use the Hibernate / Suspend feature? This especially holds for a machine that is highly portable. I worked for a DoD contractor once and they said they had two Solaris Tadpole laptops. You couldn't prove it by me because I never saw them. They were there in November when I arrived on contract and by the next August when my contract had been extended not just once but twice and they were begging me to stay longer both of those Tadpoles were gone - STOLEN! This was at a place a lot more secure than where most of you people's laptops are at. I repeat - hibernate / suspend is a security nightmare. But at least you know how to do it if it gets lost from the menu. HHH /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
