[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: cryptsetup problem

On 3/06/2014 6:32 AM, Bzzz wrote:
> On Tue, 03 Jun 2014 06:22:46 +1000
> Andrew McGlashan <andrew.mcglashan@affinityvision.com.au> wrote:
> 
>> Okay, but my understanding is that once you have a LUKS crypt
>> volume (with the right setup), it doesn't matter what data you
>> write across the whole volume, it will all be fully encrypted
>> using your own specific key.  There are weaker encryption choices
>> that could be a problem with repetitive data, but if done
>> properly, repetitive data poses no threat against the real data.
> 
> Writing random data before using it is a security
> because when you delete all files it'll be much 
> harder to recover real encrypted data from garbage.

Yes, maybe so, but these are brand new 4TB drives that haven't had any
other data on them before (factory fresh).  I've done badblock testing
on them as a first step after removing them from their new packaging and
so far, they haven't seen any data other than encrypted data; there is a
small lvm volume on md0_crypt .... but that only holds the root file
system and backups of the /boot file system that live on another device.

Cheers
A.
Reply to: