Subject: Re: FUD about CGD and GBDE
To: None <soralx@cydem.org>
From: Daniel Carosone <dan@geek.com.au>
List: tech-security
Date: 03/08/2005 08:17:43

On Mon, Mar 07, 2005 at 09:43:13AM -0700, soralx@cydem.org wrote:
>
> > I also believe that it would be beneficial to implement regular rewriting
> > of randomly picked lock sector(s) at random times during a user specified
> > interval (up to x rewrites within n seconds) in order to further obscure
> > the write pattern and provide additional protection for lock sectors.
>
> I agree.

I don't. Hiding the lock sector is pointless for hot disk attacks. A
malicious SAN administrator (and other intermediaries, if transport
encryption is not used) can identify the lock sector trivially,
because gbde decrypts its location and tells you: it goes straight
there on startup.

--
Dan.
