[TriLUG] OT: Laptop Hard Drive
porter at trilug.org
Fri Nov 18 13:40:23 EST 2011
A> The advantage for me is that my zeroed blocks on my LVM physical
A> volume will be written to my LUKS-encrypted disk as newly-randomized
J> Why is that advantageous?
OK, I was not really serious... I wanted to point out that sometimes,
even though you might be creating a lot of zeroed blocks on your
filesystem, the underlying disk might not be all zeros.
That being said, there IS a good use for Joe's 'dd' trick on encrypted
They recommend that you pre-fill a disk with random bits before
LUKS-formatting it, because otherwise you would have a mostly-zeroed
disk with only your filesystem's used blocks actually being encrypted.
The thought is that the distinction between used and unused blocks could
give someone some knowledge of what was on the disk.
Instead, I would think it would be just as effective to format the
filesystem and then create a large file using 'dd', letting the
underlying encryption create random-ish blocks on the actual disk. [I am
sure that someone has probably written a PhD paper about why that 'dd'
trick is NOT as effective as pre-randomizing a disk. But by that point,
I think I have reached my personal point of diminishing returns.]
# ɹǝʇɹoԀ uɐl∀
More information about the TriLUG