Re: [Tails-dev] Promoting Persistence features

Delete this message

Reply to this message
Author: Marco Calamari
Date:  
To: Maxim Kammerer
CC: The Tails public development discussion list
Subject: Re: [Tails-dev] Promoting Persistence features
On Mon, 2012-11-26 at 15:20 +0200, Maxim Kammerer wrote:
> On Mon, Nov 26, 2012 at 3:03 PM, Marco Calamari <marcoc@???> wrote:
> > 2) adding a "change persistence password" in Utility menu
> >     would be a probably cheap but really useful feature.

>
> It would be a misleading feature, since due to wear leveling on solid
> state media, parts of old LUKS header may be recoverable. On the other
> hand, it's always possible to add a warning.


Agreed, but this is not the only situation adversely affected to
solid-state memories.

LUKS header fits in a cluster and is normaly unchanged, so his
remapping due to the wearing-leveller actions seems at least
rare, if ever. And Carol will need to password-crack against
all free blocks ... looks really an unreasonable scenario.

OTOH having an unchangeable password from a security perspective
is IMO simply unacceptable.
A lot of user scenarios make this needed, forbid this oblige the user
to copy the user area, wipe the media, reformat,& reinstall the whole
stuff if password is to be changed, and this can be needed for a lot
of well-known reasons.
We know how to do this from command line, but mr. AverageTailsUser
IMO will not ...

JM2C. Marco