On 2020-06-18 19:13, David Wright wrote:
On Fri 12 Jun 2020 at 07:51:30 (-0400), Michael Stone wrote:On Thu, Jun 11, 2020 at 08:52:10PM -0500, David Wright wrote:The only unaddressed point in my use case is the prevention of a high-water mark, because zeroing the drive achieves precisely the opposite. What ought I to be running, instead of badblocks -w -t random, to achieve that goal?Create the encrypted volume first, then write zeros to it. :)Duh! That should work a treat. My posting that example bore me fruit. Cheers, David.
Benchmark is one thing. But, from a security viewpoint, writing zeros to an encrypted volume amounts to providing blocks of plaintext for corresponding blocks of cyphertext, thereby facilitating cryptanalysis.
David