Bug#1060422: partman-crypto: add support for new cryptsetup options for opal/sed

To: Holger Levsen <holger@layer-acht.org>
Cc: 1060422@bugs.debian.org
Subject: Bug#1060422: partman-crypto: add support for new cryptsetup options for opal/sed
From: Luca Boccassi <bluca@debian.org>
Date: Mon, 15 Jan 2024 12:35:41 +0000
Message-id: <[🔎] CAMw=ZnRDkAX26vFi691MMo-t_DH+nTZywfm730SDX7h2RXXnsA@mail.gmail.com>
Reply-to: Luca Boccassi <bluca@debian.org>, 1060422@bugs.debian.org
In-reply-to: <[🔎] ZaUk4WgYYG8MaT8H@layer-acht.org>
References: <[🔎] ZZ-q_dBo6MuUTWnv@layer-acht.org> <[🔎] 42bad4a4fa2dbff7e23a02edf712a6250143a1b6.camel@debian.org> <[🔎] 96540fc3-5383-4a72-a8b4-8415980dd771@plouf.fr.eu.org> <[🔎] CAMw=ZnSMhkAQ2eo5A_qtfNHDu2tK=fY3VYVtREM0A_4nKUHMBQ@mail.gmail.com> <[🔎] ZaUHVtfYTd3St4Kj@layer-acht.org> <[🔎] 169a493ab99584fca15b0376bd2b18d0e2eccdb1.camel@debian.org> <[🔎] CAMw=ZnQAfESS_yP+Rg3wYdq=gjeEe=3yQO3nVKZr-vZ6jcAW7g@mail.gmail.com> <[🔎] ZaUk4WgYYG8MaT8H@layer-acht.org> <[🔎] 169a493ab99584fca15b0376bd2b18d0e2eccdb1.camel@debian.org>

On Mon, 15 Jan 2024 at 12:28, Holger Levsen <holger@layer-acht.org> wrote:
>
> On Mon, Jan 15, 2024 at 10:46:14AM +0000, Luca Boccassi wrote:
> > > huh, if there's a bug in the firmware to accidently store the encryption
> > > key on the drive in plaintext, it doesn't cost anything extra.
> > Sure, and if there's a bug in your CPU to accidentally reveal all
> > kernel secrets to any unprivileged userspace process via sidechannels
> > it doesn't cost anything extra either. Doesn't really mean much though
> > for this case.
>
> it's an unneeded additional attack vector.

That depends on the threat model. It's not for mine, and most others too.

> > We aren't though - and the category includes me too of course. Nobody
> > is going to spend $100 million dollars to hardware-backdoor my
> > computer
>
> yes, because several dozens are available much cheaper already.

[citation needed]

Reply to:

References:
- Bug#1060422: partman-crypto: add support for new cryptsetup options for opal/sed
  - From: Holger Levsen <holger@layer-acht.org>
- Bug#1060422: partman-crypto: add support for new cryptsetup options for opal/sed
  - From: Luca Boccassi <bluca@debian.org>
- Bug#1060422: partman-crypto: add support for new cryptsetup options for opal/sed
  - From: Pascal Hambourg <pascal@plouf.fr.eu.org>
- Bug#1060422: partman-crypto: add support for new cryptsetup options for opal/sed
  - From: Luca Boccassi <bluca@debian.org>
- Bug#1060422: partman-crypto: add support for new cryptsetup options for opal/sed
  - From: Holger Levsen <holger@layer-acht.org>
- Bug#1060422: partman-crypto: add support for new cryptsetup options for opal/sed
  - From: Luca Boccassi <bluca@debian.org>
- Bug#1060422: partman-crypto: add support for new cryptsetup options for opal/sed
  - From: Luca Boccassi <bluca@debian.org>
- Bug#1060422: partman-crypto: add support for new cryptsetup options for opal/sed
  - From: Holger Levsen <holger@layer-acht.org>

Prev by Date: Bug#1060422: partman-crypto: add support for new cryptsetup options for opal/sed
Next by Date: Re: Planning for 12.5/11.9
Previous by thread: Bug#1060422: partman-crypto: add support for new cryptsetup options for opal/sed
Next by thread: Processed: Bug#1051968 marked as pending in tasksel
Index(es):
- Date
- Thread