On Tue, Nov 20, 2007 at 03:26:00PM -0200, Andreas wrote: > Hello, > > I'm creating image files using dd and associating them with a loop > device with losetup (no crypto so far). Then I use cryptsetup on the > loop device. > > Since the image files are rather large (+/- 35Gb), using plain dd takes > a long time (dd if=/dev/zero of=/image.img ...) and renders the machine > quite useless during that time. I would suggest using dd_rescue, which is a lot more efficient and typically reaches the disks maximum data rate. It also gives you a nice progress indicator. > I then tried creating a sparse file instead and it was much faster and > seems to be working well. Are there any bad security implications in > using a sparse file instead of a "full" file, considering I was filling > it with zeroes to begin with? The only problem I see is that an attacker would know which sectors have been written, and which have not. I would think this is not an issue in most situations. There is also an issue with sparse files: They grow. If you have insufficient space, writes may file at some time due to lack of disk space. Arno -- Arno Wagner, Dipl. Inform., CISSP --- CSG, ETH Zurich, arno@xxxxxxxxxxx GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F ---- Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans If it's in the news, don't worry about it. The very definition of "news" is "something that hardly ever happens." -- Bruce Schneier --------------------------------------------------------------------- dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/ To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx For additional commands, e-mail: dm-crypt-help@xxxxxxxx
