[Discuss] Full disk encryption
Chris O'Connell
omegahalo at gmail.com
Tue Jan 3 14:43:35 EST 2012
Perhaps the use of the word "NEVER" is too strong or misleading. From
personal experience I can say that given the performance decrease using
TrueCrypt on an SSD drive "I would never encrypt an SSD drive using
TrueCrypt." I haven't tried BitLocker on an SSD drive yet.
You have really proven your point Ed!
Chris
On Tue, Jan 3, 2012 at 2:33 PM, Edward Ned Harvey <blu at nedharvey.com> wrote:
> > From: Chris O'Connell [mailto:omegahalo at gmail.com]
> >
> > http://www.truecrypt.org/docs/?s=trim-operation
>
> Given: Truecrypt permits TRIM. And if you TRIM, an attacker may be able
> to identify some information, such as degrading your plausible deniability
> in some cases, or something like that.
>
>
> > http://www.truecrypt.org/docs/?s=wear-leveling
>
> Given: Thanks to wear leveling, multiple copies of data may exist in
> storage.
> Given: If an attacker has access to multiple copies of encrypted data, it
> may reduce the work necessary for the attacker to decrypt the information.
>
> Now, following "some logic," we conclude "Never encrypt an SSD." Could you
> please explain the logic?
> It seems, running without encryption, you would give up far more than the
> above.
>
> You might want to revise your comment? Instead, "Never use an SSD, because
> even with encryption, it's not secure enough for your taste?"
>
>
> > > From: discuss-bounces+blu=nedharvey.com at blu.org [mailto:discuss-
> > > bounces+blu=nedharvey.com at blu.org] On Behalf Of Chris O'Connell
> > >
> > > ALSO, NO FULL DISK ENCRYPTION should ever be used on an SSD drive.
> > > Performance will drop by 30% and the drive's wear-leveling system and
> > > TRIM
> > > won't function correctly.
>
>
>
--
Chris O'Connell
http://outlookoutbox.blogspot.com
More information about the Discuss
mailing list