Subject: Re: FUD about CGD and GBDE
To: Poul-Henning Kamp <>
From: Bernd Walter <>
List: tech-security
Date: 03/03/2005 13:04:22
On Thu, Mar 03, 2005 at 01:30:15AM +0100, Poul-Henning Kamp wrote:
> In message <>, Roland Dowdeswell writes:
> >Let's discuss a simple example and see how it works.  Let's walk
> >through a user login, with /etc/passwd on GBDE and the filesystem
> >mounted with mtime.
> These days, on the majority of low cost disks used in enduser
> configurations you risk losing an entire track if the disk were
> writing when you pulled power.  (People complain about this, but
> don't seem to be willing to pay to avoid it.)

No matter what disk you take - writes never have been atomic.
The major difference I see is that you get a read error back in
the disk failure case, while such a crypto failure produces more or
less random data without any error.
Mounting unclean filesystems rw for bg_fsck can be considered
dangerous with such unexpected data corruption.
And how would you know that a restore from backup is required for
a damaged file?

B.Walter                   BWCT
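
Added example, not part of the original message and not GBDE or CGD code: a toy model of the failure mode discussed above, where an interrupted update of an encrypted sector reads back as random-looking data with no error, and only a digest recorded at backup time shows that a restore is needed. The SHA-256 keystream cipher, the key-then-data write order, the class and function names, and the sample file content are all assumptions made for illustration.

```python
import hashlib

def keystream(key: bytes, n: int) -> bytes:
    # Toy stand-in for a real sector cipher: SHA-256 in counter mode.
    blocks = (hashlib.sha256(key + i.to_bytes(8, "big")).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def crypt(key: bytes, data: bytes) -> bytes:
    # XOR with the keystream; the same call encrypts and decrypts.
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))

class ToyEncryptedDisk:
    """Assumed layout: each write stores a fresh sector key, then the data."""
    def __init__(self):
        self.keys, self.data, self.writes = {}, {}, 0

    def write(self, lba, plaintext, power_lost_after_key=False):
        self.writes += 1
        key = hashlib.sha256(b"constructed-key-%d" % self.writes).digest()
        self.keys[lba] = key                      # step 1 reaches the platter
        if power_lost_after_key:
            return                                # step 2 never happens
        self.data[lba] = crypt(key, plaintext)    # step 2

    def read(self, lba):
        # No integrity check: whatever decrypts is returned as "success".
        return crypt(self.keys[lba], self.data[lba])

def torn_write_demo():
    old = b"root:*:0:0::/root:/bin/sh\n"          # constructed sample content
    new = b"root:*:0:0::/root:/bin/csh\n"
    disk = ToyEncryptedDisk()
    disk.write(0, old)
    manifest = hashlib.sha256(old).hexdigest()    # digest recorded at backup time
    clean_ok = hashlib.sha256(disk.read(0)).hexdigest() == manifest
    disk.write(0, new, power_lost_after_key=True) # torn update
    try:
        got, raised = disk.read(0), False
    except Exception:
        got, raised = b"", True
    return {
        "clean_ok": clean_ok,
        "torn_raised_error": raised,
        "torn_is_old_or_new": got in (old, new),
        "torn_matches_manifest": hashlib.sha256(got).hexdigest() == manifest,
    }

if __name__ == "__main__":
    print(torn_write_demo())
```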