[Discuss] Full disk encryption
Edward Ned Harvey
blu at nedharvey.com
Tue Jan 3 14:33:50 EST 2012
> From: Chris O'Connell [mailto:omegahalo at gmail.com]
>
> http://www.truecrypt.org/docs/?s=trim-operation
Given: Truecrypt permits TRIM. And if you TRIM, an attacker may be able
to identify some information, such as degrading your plausible deniability
in some cases, or something like that.
> http://www.truecrypt.org/docs/?s=wear-leveling
Given: Thanks to wear leveling, multiple copies of data may exist in
storage.
Given: If an attacker has access to multiple copies of encrypted data, it
may reduce the work necessary for the attacker to decrypt the information.
Now, following "some logic," we conclude "Never encrypt an SSD." Could you
please explain the logic?
It seems, running without encryption, you would give up far more than the
above.
You might want to revise your comment? Instead, "Never use an SSD, because
even with encryption, it's not secure enough for your taste?"
> > From: discuss-bounces+blu=nedharvey.com at blu.org [mailto:discuss-
> > bounces+blu=nedharvey.com at blu.org] On Behalf Of Chris O'Connell
> >
> > ALSO, NO FULL DISK ENCRYPTION should ever be used on an SSD drive.
> > Performance will drop by 30% and the drive's wear-leveling system and
> > TRIM
> > won't function correctly.
More information about the Discuss
mailing list