[liberationtech] LUKS "Self-Destruct" feature introduced in Kali Linux

[Maxim Kammerer]

On Sat, Jan 18, 2014 at 5:02 AM, Pranesh Prakash <pranesh at cis-india.org> wrote:
> This above description seems to me to be an extreme case of 2FA.  Is it actually useful?

As noted in Liberté Linux FAQ [1]:
NOTE: Modern flash memory devices with wear leveling (as well as
modern HDDs with automatic bad sectors remapping) cannot guarantee
that the original OTFE header and its backup have been erased.

Also, the developers implemented the functionality by finding some old
cryptsetup patch and applying it.

I can't think of a scenario where this functionality would be useful.
Reminds me of Greenwald using his boyfriend as a data mule  —
simultaneously trusting and mistrusting cryptography due to lack of
understanding of the concepts involved. If you want to move data
safely, encrypt it with an automatically-generated password of
sufficient entropy, and transmit the password separately — there is no
need to transmit the whole LUKS keyslot, which is large, and is just a
technical detail.

[1] http://dee.su/liberte-faq

-- 
Maxim Kammerer
Liberté Linux: http://dee.su/liberte