Hello,
[email protected]:
Hi, does the new LUKS 2 vulnerability affect all previous and current version
of Tails?
Should we be concerned about the persistent storage feature?
If I understand correctly, no and no.
If I'm not mistaken, the vulnerability affects LUKS2 volumes created
using cryptsetup since version 2.2.0, but Tails ships 2.1.
But I might be wrong.
Furthermore, this attack is not doable without control of the storage
(ie, be root on a machine on which the storage is attached), and doesn't
allow for full decryption (but still up to few gigabytes).
This is sensitive topic so please double check what I'm saying!
gagz
*CVE-2021-4122: cryptsetup 2.x: decryption through LUKS2 reencryption crash
recovery*
https://seclists.org/oss-sec/2022/q1/34
Thanks in advance.
Ihr Recht auf Privatsphäre. Schützen Sie Ihre Daten und wechseln jetzt zu
*eclipso Mail & Cloud <https://www.eclipso.de>*.
_______________________________________________
Tails-dev mailing list
[email protected]
https://www.autistici.org/mailman/listinfo/tails-dev
To unsubscribe from this list, send an empty email to
[email protected].
_______________________________________________
Tails-dev mailing list
[email protected]
https://www.autistici.org/mailman/listinfo/tails-dev
To unsubscribe from this list, send an empty email to
[email protected].
