Encrypted LUKS disks store passphrase plaintext in memory
Bug #196368 reported by
Mark Featherston
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux (Ubuntu) |
Expired
|
Medium
|
Unassigned |
Bug Description
To test this, run "sudo cat /dev/mem | strings | grep firstfewcharsof
affects: | ubuntu → linux (Ubuntu) |
To post a comment you must log in.
Tested myself, can confirm this one. This is bad especially because of this: http:// blog.wired. com/27bstroke6/ 2008/02/ researchers- dis.html and because of that storing the passphrase itself is not required for the encryption to work.. Better approach would be to store just (salted) hash (which is used for the md encryption module anyways). It makes at least finding the real key harder.