On Tue, Oct 26, 2010 at 11:54:03PM -0400, Chris Knadle wrote:
> > Does this fact negate whatever added security one
> > gains by writing random data over the disk prior to encryption.
>
> I'd say no.

The output of the encryption function should be relatively indistinguishable from random data. A zeroed, one-d, or previously formatted drive may make it extremely obvious where the encrypted filesystem begins, ends, may disclose what type, and may give an attacker (albeit an extremely sophisticated one) enough information to start trying to break it, which might not otherwise be available.

Good idea? Yes. Vital? Probably not.

If you're not carrying corporate secret data on the drive and are merely trying to protect yourself from "someone stole my laptop and I don't want anyone to see my data", don't worry about it.

And if the feds grab you, they'll just put you in gitmo until you give up the keys, anyhow.

-m
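The point in the message above about a zeroed drive revealing where the encrypted data begins and ends, as an added example that is not part of the original thread: a per-block Shannon entropy scan over a constructed disk image, once with zeros around the used region and once with random fill. The block size, threshold and image layout are assumptions, and `os.urandom` stands in for ciphertext.

```python
import math
import os
from collections import Counter

BLOCK = 4096  # bytes per sampled block (assumed granularity)

def block_entropy(block: bytes) -> float:
    """Shannon entropy of one block, in bits per byte (0.0 to 8.0)."""
    counts = Counter(block)
    n = len(block)
    return -sum(c / n * math.log2(c / n) for c in counts.values())

def high_entropy_extents(image: bytes, threshold: float = 7.5):
    """Return [(first_block, last_block)] runs whose entropy exceeds threshold."""
    extents, start = [], None
    nblocks = len(image) // BLOCK
    for i in range(nblocks):
        high = block_entropy(image[i * BLOCK:(i + 1) * BLOCK]) > threshold
        if high and start is None:
            start = i
        elif not high and start is not None:
            extents.append((start, i - 1))
            start = None
    if start is not None:
        extents.append((start, nblocks - 1))
    return extents

def build_image(fill_random: bool, total=64, used_from=8, used_to=23) -> bytes:
    """Constructed disk image: blocks used_from..used_to hold 'ciphertext'.

    os.urandom stands in for encrypted data; the rest is zeros or random fill.
    """
    blocks = []
    for i in range(total):
        if used_from <= i <= used_to or fill_random:
            blocks.append(os.urandom(BLOCK))
        else:
            blocks.append(bytes(BLOCK))
    return b"".join(blocks)

if __name__ == "__main__":
    # Zeroed disk: the written region stands out as one clear extent.
    print("zeroed disk :", high_entropy_extents(build_image(False)))
    # Random pre-fill: the whole device looks uniform, so no boundary shows.
    print("random fill :", high_entropy_extents(build_image(True)))
```

On the zeroed image the scan reports exactly the blocks that were written; on the pre-filled image it reports the entire device as a single extent, so the used region cannot be told apart from the fill.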
