tech-security archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: summer of code - scrub feature

On Sun, Mar 22, 2009 at 10:33:37PM -0400, Thor Lancelot Simon wrote:
 > [...] and it goes nowhere to address my basic point,
 > which is that causing extra disk writes -- much less the painstakingly
 > flushed multiple overwrites that, for example, rm -P does -- today, is
 > much, much more expensive than just encrypting the entire volume and
 > being done with it.

Sure, except encrypting the volume isn't equivalent. Cryptosystems
have limited lifetimes. The bits on a discarded drive platter are,
potentially, exposed indefinitely. For people who care about this
stuff, making an adversary wait a dozen so years before a brute-force
attack becomes feasible might or might not be an acceptable tradeoff.

David A. Holland

Home | Main Index | Thread Index | Old Index