Re: Shredding a removable drive (OT)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Sun, Jan 27, 2019 at 10:44:52PM +0000, Patrick O'Callaghan wrote:

On Sun, 2019-01-27 at 19:56 +0100, Wolfgang Pfeiffer wrote:

> Given that encrypting the disk means (at a minimum) reading the entire
> contents and rewriting it,

No. I don't think data is written and rewritten. See below.


If it's not being read and rewritten, it's not being encrypted.


Yes, something like that is what I suspect: The actual data on disk
would be left untouched when the *disk/partition* is encrypted. I had
a look through documents explaining luks, and again and again the
topic is "disk" encryption, not "data" encryption. So maybe all that
happens is that - to use a picture - a high security prison (some sort
of crypto layer) is built around the data on disk, while leaving the
actual data untouched, and non-encrypted.

In other words: It seems the file system is encrypted, not the data:
see the already mentioned FAQ: "Create the LUKS container" - at the
end of the section: "Done. You can now use the encrypted file system
to store data"

And what also comes to mind is that when I open (unencrypt) a luks
device, only a second or two after providing the password for the
encrypted disk/partition the partition is unencrypted. I doubt that
this could happen if e.g. a 1 TB partition had all data stored
encrypted on it ..
Or - another possibility - the data stay encrypted after opening the
luks device and will be decrypted only on the fly, just as needed.

No idea, not yet ...


It's as simple as that. A cryptosystem that doesn't read the
plaintext?


You mean, without actually encrypting the data, and instead of that
just some sort of crypto layer around it?


How does that work?


I'd like to know, yes ... :)

Wolfgang
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux