Re: Plain dm-crypt

christopher . toews
Subject: Re: Plain dm-crypt
Date: Thu, 29 Oct 2015 05:24:00 +0000
User-agent: Riseup mail

Actually, plain dm-crypt has one distinct advantage over LUKS, and that is one of plausible deniability. In some countries, you can be court-ordered to decrypt the contents of a device if it can be proven that encrypted contents exist. With LUKS, there is no denying it; with plain dm-crypt and its lack of an encryption header, the device could just as well have been overwritten with random data.

I boot my OS off of an encrypted thumb drive in libreboot using "cryptomount -a (usb0)", so UUIDs don't matter to me at all. I understand that for most users, this will not be the case, but I'm sure that there are enough of us out there who could really make use of this feature.

Also, for those like myself who want this feature for reasons of plausible deniability, patching it ourselves is not an option, as going to that length to include the feature would indicate that we are most likely using it, thus throwing plausible deniability out the window. In other words, to keep it plausible, it would have to be a stock feature across the board.


On 2015-10-27 11:10, Vladimir 'phcoder' Serbinenko wrote:
There are patches for it but they will not be integrated as plain dm-crypt has no advantages compared to LUKS and cannot be configured reliably when device names change as they have no UUID
On 27 Oct 2015 8:20 AM, <address@hidden> wrote:

I apologize if this question has already been asked. A web search didn't turn anything up. Are there any plans to include plain dm-crypt support in a future version of grub?

Thank you.

