Better? You should provide evidence of that because searching the linux-crypto mailinglist and other sites doesn't show it.
As for the "backdoor" issue that was blown way out of proportion by Jari Ruusu and was fixed back in the 2.6.10 kernel. I addressed this in my first howto on Debian-Administration.org. So the issue was not ignored.
As for plain-text attacks on the password, that is addressed by the Linux Unified Key Setup (LUKS) patches (more info: LUKS).
Also Mr. Ruusu is guilty of ignoring "theoretical" vulnerabilities when it suits him (see: http://mail.nl.linux.org/linux-crypto/2005-10/msg00024.html), and uses pretty much the same argument that its not significant enough to warrant fixing.
The reasons I choose to use dm-crypt over loop-aes are:
Dm-crypt is included by default in the kernel. Loop-aes is not.
Loop-aes requires that standard utilities like mount be patched, Dm-crypt does not.
Yaird has hooks for automatic initrd creation, and initramfs will be adding them soon. Loop-aes requires that you use its build-initrd.sh script.
Now, this website is about exploring the configuration options so that the user can decide for themselves what is best for them. This is why I've written two howtos so far, this one and one for unencrypted devices. And it would be great if we had another howto for those that wanted to use Loop-aes, but it hasn't been submitted yet...(hint!).
re: Use loop-aes instead
Better? You should provide evidence of that because searching the linux-crypto mailinglist and other sites doesn't show it.
As for the "backdoor" issue that was blown way out of proportion by Jari Ruusu and was fixed back in the 2.6.10 kernel. I addressed this in my first howto on Debian-Administration.org. So the issue was not ignored.
As for plain-text attacks on the password, that is addressed by the Linux Unified Key Setup (LUKS) patches (more info: LUKS).
Also Mr. Ruusu is guilty of ignoring "theoretical" vulnerabilities when it suits him (see: http://mail.nl.linux.org/linux-crypto/2005-10/msg00024.html), and uses pretty much the same argument that its not significant enough to warrant fixing.
The reasons I choose to use dm-crypt over loop-aes are:
Now, this website is about exploring the configuration options so that the user can decide for themselves what is best for them. This is why I've written two howtos so far, this one and one for unencrypted devices. And it would be great if we had another howto for those that wanted to use Loop-aes, but it hasn't been submitted yet...(hint!).