tech-security archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: summer of code - scrub feature

On Mon, Mar 23, 2009 at 01:13:16AM +0000, Alistair Crooks wrote:
> On Sun, Mar 22, 2009 at 08:07:06PM -0400, Thor Lancelot Simon wrote:
> > The other problem is that the WAPBL journal will have pieces of file
> > data in it.  Aggressively overwriting the log after transactions have
> > been committed will _murder_ performance.  The best solution to all this
> > is to just use cgd!
> Requiring the use of cgd is certainly one way of addressing the
> problem.  Another way would be to give up using computers completely
> since we can never be sure that data will not be copied without our
> prior knowledge and sent back to the HQ of the cabal's mothership.

Let me try to state the actual performance constraints as I understand
them, more succinctly:

        1) Overwrite-on-erase for every erase will cost more than
           encrypt-on-write for every write, on almost any modern
           platform and for almost any workload.

        2) WAPBL makes this even more so.  Much more so.

        3) We expect that almost all users will use WAPBL for almost
           all workloads.

This suggests to me that cgd is always a better solution to the problem
we are trying to solve here, that data might be read after files are

Morever, cgd ensures that you don't even have to worry about the journal
or spared sectors.  It is a strictly better solution.


Home | Main Index | Thread Index | Old Index