On Mon, 2012-11-26 at 15:20 +0200, Maxim Kammerer wrote: > On Mon, Nov 26, 2012 at 3:03 PM, Marco Calamari <[email protected]> wrote: > > 2) adding a "change persistence password" in Utility menu > > would be a probably cheap but really useful feature. > > It would be a misleading feature, since due to wear leveling on solid > state media, parts of old LUKS header may be recoverable. On the other > hand, it's always possible to add a warning.
Agreed, but this is not the only situation adversely affected to solid-state memories. LUKS header fits in a cluster and is normaly unchanged, so his remapping due to the wearing-leveller actions seems at least rare, if ever. And Carol will need to password-crack against all free blocks ... looks really an unreasonable scenario. OTOH having an unchangeable password from a security perspective is IMO simply unacceptable. A lot of user scenarios make this needed, forbid this oblige the user to copy the user area, wipe the media, reformat,& reinstall the whole stuff if password is to be changed, and this can be needed for a lot of well-known reasons. We know how to do this from command line, but mr. AverageTailsUser IMO will not ... JM2C. Marco
signature.asc
Description: This is a digitally signed message part
_______________________________________________ tails-dev mailing list [email protected] https://mailman.boum.org/listinfo/tails-dev
