Rob Landley wrote:
I'm under the impression the problem with cryptoloop is bad cryptography:
http://lwn.net/Articles/67216/
Anybody actually using cryptography with an expoitable weakness needs all the
wake-up calls they can get. This is _not_ a case where you want to support
old broken crap, that defeats the whole purpose of using cryptography in the
first place.
Especially the cryptoloop removal was an intentional decision that the kernel
developers made. People raised their objections at the time, and these were
taken into consideration when making the decision:
http://kerneltrap.org/node/2433
Re-raising the same objections over and over again when they've already been
aired, considered, and rejections is called "whining".
Repeating the same information over and over until it sinks in is called
"rote learning." The question is not if cryptoloop is perfect, every
crypto seems to fail eventually, recently md5 was cracked, etc. But
people have used cryptoloop now, and removing it from the kernel will
lock them out of their own data, or prevent them from moving forward.
There's no replacement for cryptoloop, so I can't just reconfigure X and
still read my 147 DVDs full of business data, or access the current data
on 34 laptops around the country.
In most cases CL is not expected to protect against goverment agencies
but rather stolen laptops in airports (yes the pros have added MacOS and
Linux to their business model) or the occasional lost DVD in the mail.
Removing CL is not a hell of a lot better morally than these viruses
which encrypt your data and then hold it for ransom, with the price
being doing without security fixes in future kernels.
Given that CL has minimal (essentially no) maintenence cost, I wish the
ivory tower developers could understand that real people have invested
real money in it, and real data in the technology. Since there is no
alternative solution offered, CL is far better than no crypto at all,
and I wish there were a few more developers who had experience working
in the real word.
--
bill davidsen <[email protected]>
CTO TMR Associates, Inc
Doing interesting things with small computers since 1979
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]