> On Aug 20, 2024, at 3:53 PM, Kenneth Morris via Tails-dev > <[email protected]> wrote: > > Someone mentioned to me that tails now has a page file or swap partition. > Why does tails include a swap and doesn’t this defeat the purpose of > anti-forensics? > I have used tails to edit files on external drive and don’t remember anything > about worrying about files swapping onto the external drive?
I'm not a Tails developer, but here's the status as I understand it. In short, it doesn't weaken Tails' resistance to attack. Tails currently swaps to "zram". This is a swap device in *RAM*. It works by compressing the memory before swapping it to zram. It's never written to a permanent storage device, so there are no fundamental impacts; if your attacker can read arbitrary memory you have bigger problems. This ability is important; graphical programs often take a lot of memory, and this ability can often turn a crash into a temporary slowdown. Discussion: https://gitlab.tails.boum.org/tails/tails/-/issues/5740 Implementation: https://gitlab.tails.boum.org/tails/tails/-/merge_requests/1064 Linux kernel docs: https://docs.kernel.org/admin-guide/blockdev/zram.html There's been some efforts to warn users when RAM is getting low. There's been progress, though it's more complicated than you might think. There's been discussion about swapping on a USB stick itself: https://gitlab.tails.boum.org/tails/tails/-/issues/19442 There's general agreement that as long as there's an ephemeral key, and the user is the one who enables it, it should be fine. However, it does not currently exist in Tails. You can hand-force this on an individual execution of Tails but logging in as root and enabling a swap file, but that requires knowing how to do this. --- David A. Wheeler _______________________________________________ Tails-dev mailing list [email protected] https://www.autistici.org/mailman/listinfo/tails-dev To unsubscribe from this list, send an empty email to [email protected].
