Re: SDD partitioning and allocations

To: Jeffrey Walton <noloader@gmail.com>
Cc: rhkramer@gmail.com, debian-user@lists.debian.org
Subject: Re: SDD partitioning and allocations
From: tomas@tuxteam.de
Date: Sun, 13 Jul 2025 08:04:17 +0200
Message-id: <[🔎] aHNMYbrNd5mNqxSo@tuxteam.de>
In-reply-to: <[🔎] CAH8yC8m3vPJ7xs8wDUoDudX94GrWHCrtYmOiG7L3N_1MvUCCVw@mail.gmail.com>
References: <[🔎] nfj4kl-eg2.ln1@anthive.com> <[🔎] de4e3ad9-e24c-41da-8bb4-9e4625a8dfe1@holgerdanske.com> <[🔎] 202507120919.44742.rhkramer@gmail.com> <[🔎] CAH8yC8=rb5oBYALWOaRwqmcAX2SJ4ACH-5ODbO+xZ0cF9i66bQ@mail.gmail.com> <[🔎] aHKztPFXU+XTNOGr@tuxteam.de> <[🔎] CAH8yC8m3vPJ7xs8wDUoDudX94GrWHCrtYmOiG7L3N_1MvUCCVw@mail.gmail.com>

On Sat, Jul 12, 2025 at 05:10:13PM -0400, Jeffrey Walton wrote:
> On Sat, Jul 12, 2025 at 3:12 PM <tomas@tuxteam.de> wrote:
> >
> > On Sat, Jul 12, 2025 at 01:03:23PM -0400, Jeffrey Walton wrote:
> > > On Sat, Jul 12, 2025 at 12:14 PM <rhkramer@gmail.com> wrote:
> > > >
> > > > On Thursday, July 10, 2025 10:41:18 PM David Christensen wrote:
> > > >
> > > > > On 7/10/25 04:07, songbird wrote:
> > > > [...]
> > > > > Be sure to do a secure erase before you put the SSD's into service:
> > > >
> > > > > https://en.wikipedia.org/wiki/Secure_Erase#Secure_erase
> > > >
> > > > Why do you recommend that? Are you assuming the SSDs songbird got are used, or do you recommend that even for new SSDs -- if so, why?
> > >
> > > >From <https://www.zdnet.com/article/malware-found-on-new-hard-drives/>:
> > >
> > >     ... Practice "safe sectors" and scan, or preferably wipe, all drives
> > >     before bringing them into the ecosystem.  Dont assume that a drive is
> > >     going to be blank and malware free. Trust no one. Same goes for USB
> > >     flash drives - you never know what's been installed on them.
> >
> > I have a hard time imagining how a malware on a disk can do
> > anything once you've put new file systems on it.
> >
> > Of course, if you mount their file systems unchanged...
> 
> I suspect it is a bigger problem on WIndows, which most malware is
> written for and where derives get automounted on insertion:
> <https://en.wikipedia.org/wiki/2008_malware_infection_of_the_United_States_Department_of_Defense>.

See above: *if* the first thing you do is to make a new file
system, the malware data will still be there, in the free
blocks, but your (second-rate) operating system won't be able
to access it.

> But I don't think it is limited to Windows. I recall a recent thread
> about maliciously corrupt filesystems affecting Linux:
> <https://www.openwall.com/lists/oss-security/2025/06/03/2>. The kernel
> would not fix it because they said users should not mount a corrupt
> filesystem. Ubuntu had to create and apply patches because of
> automounting for users.

Again: irrelevant for a freshly made file system.

Now if your operating system tries to mount everything it is presented
with, that's another problem (mine doesn't).

Cheers
-- 
t

Attachment: signature.asc
Description: PGP signature

Reply to:

References:
- SDD partitioning and allocations
  - From: songbird <songbird@anthive.com>
- Re: SDD partitioning and allocations
  - From: David Christensen <dpchrist@holgerdanske.com>
- Re: SDD partitioning and allocations
  - From: rhkramer@gmail.com
- Re: SDD partitioning and allocations
  - From: Jeffrey Walton <noloader@gmail.com>
- Re: SDD partitioning and allocations
  - From: <tomas@tuxteam.de>
- Re: SDD partitioning and allocations
  - From: Jeffrey Walton <noloader@gmail.com>

Prev by Date: Re: SDD partitioning and allocations
Next by Date: Re: SDD partitioning and allocations
Previous by thread: Re: SDD partitioning and allocations
Next by thread: Re: SDD partitioning and allocations
Index(es):
- Date
- Thread