Another good use for this feature is that you can pre-program in some landmines to destroy the drive and overcome brute force. Since the LUKS password prompt on my install of 3.2 has little to no delay between password attempts one could use a mid range gpu to try millions of passwords. The drive itself can be copied dozens of times to increase the chances of getting the password.
However if If you had a limit of 10 or 20 tries before drive wipe. And had a dozen or more fake passwords that would induce drive wipe. And had some sort of delay in each password attempt built in.(veracrypt takes forever to process your password input for instance) Using tpm ontop of this would also at least frustrate their attempts at mirroring the drive. You could be reasonably certian that even powerful attempts at getting the drive open will be hopeless. Though, you may get yourself in some physical trouble. I have wanted features like the above ones for some time. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/56d8d5b1-d3fd-4ff0-bdeb-cb2233e7a381%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
