CONFIG_ANDROID

Jason A. Donenfeld Jason at zx2c4.com
Thu Jun 30 15:56:37 UTC 2022


On Thu, Jun 30, 2022 at 5:53 PM tlhackque <tlhackque at yahoo.com> wrote:
> If you also want to make sure that the key isn't in memory longer than
> that time (e.g. to avoid capture on a dump or device loss), you could
> also set a timer (of the sort that wakes the CPU from sleep) that clears
> the key at that time.

Waking up the CPU some time later to clear a key sounds like a bad
waste of power. And such wakeup timers aren't universally available
and dependable. Plus, the last thing people want is having WireGuard
wake up your laptop from sleep while it's in your bag. You're now
proposing all sorts of terrible complexity, instead of the much more
simple and covers-all-real-practical-cases of "is it android or is it
not?" KISS.

Jason


More information about the WireGuard mailing list