tech-security archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: summer of code - scrub feature

On Mon, Mar 23, 2009 at 02:26:40AM +0000, Alistair Crooks wrote:
> If you're going down this route, you should also be encrypting any
> swap partitions, of course, using tempested hardware, and wearing tin
> foil on your head.  As ever, this is a question of what's possible,
> and of securing yourself as much as is economically and comfortably
> possible.

That's just silly -- and it goes nowhere to address my basic point,
which is that causing extra disk writes -- much less the painstakingly
flushed multiple overwrites that, for example, rm -P does -- today, is
much, much more expensive than just encrypting the entire volume and
being done with it.

I think it's a bad idea to waste effort on zeroizing erased data when
the same effort could be spent making it easier to do the _cheaper_ 
operation of just encrypting the data in the first place.  Jibes about
tinfoil hats are unhelpful, but make them if you like; I am done wasting
my time being spat on for talking common sense to the sky while it's


Home | Main Index | Thread Index | Old Index