tech-security archive


Re: summer of code - scrub feature



On Tue, Mar 24, 2009 at 11:21:34AM +0000, David Holland wrote:
> On Sun, Mar 22, 2009 at 10:33:37PM -0400, Thor Lancelot Simon wrote:
>  > [...] and it goes nowhere to address my basic point,
>  > which is that causing extra disk writes -- much less the painstakingly
>  > flushed multiple overwrites that, for example, rm -P does -- today, is
>  > much, much more expensive than just encrypting the entire volume and
>  > being done with it.
> 
> Sure, except encrypting the volume isn't equivalent. Cryptosystems
> have limited lifetimes. The bits on a discarded drive platter are,
> potentially, exposed indefinitely. For people who care about this
> stuff, making an adversary wait a dozen or so years before a brute-force
> attack becomes feasible might or might not be an acceptable tradeoff.

A dozen years for a brute-force attack on AES?  You *are* pessimistic!

-- 
Thor Lancelot Simon                                        
tls%rek.tjls.com@localhost
    "Even experienced UNIX users occasionally enter rm *.* at the UNIX
     prompt only to realize too late that they have removed the wrong
     segment of the directory structure." - Microsoft WSS whitepaper

