Randomized Swap

Forgive me if this is already the standard (I haven’t looked into the code), but is the swap space encryption key randomized for each boot?

Back when I used Tails I would activate the internal drive as swap space with a randomized key and it seems like a good feature to have to protect privacy across reboots, if your drive password is ever stolen, or if it’s pulled out under duress.

If it’s not already the standard, is there a place to lodge feature requests?

Not yet:

But it’s straightforward to set this up if you’re on the Btrfs installation layout. I’ve been using a converter script since Qubes R3.0:

1 Like

Thank you!

I will be looking at compiling my own Qubes builds moving forward, so might go ahead and just bake the feature in there.

1 Like