View Single Post
Old 2nd November 2010
BSDfan666 BSDfan666 is offline
Real Name: N/A, this is the interweb.
Banned
 
Join Date: Apr 2008
Location: Ontario, Canada
Posts: 2,223
Default

All program code executes in RAM, obviously, so having it encrypted means that the decryption "on-the-fly" program would have to be in memory unencrypted.. and it would have the information necessary for decrypting other memory, DMA buffers for devices would have to be unencrypted.

On at least OpenBSD, the swap partition is encrypted.. only when a process is relocated back into RAM does it get decrypted.

Really though, physical security means putting a lock on your door.. all bets are off if they break into your premises and steal your machine.
Reply With Quote