You're all missing a very important point. Have a read of http://embeddedsw.net/doc/physical_coercion.txt (a reference on http://en.wikipedia.org/wiki/Deniable_encryption) and think about if you want some random data at the end of your drive that you can't decrypt. -- Laurence Thomas Bastiani wrote: > On 05/30/14 18:47, Heinz Diehl wrote: > > On 30.05.2014, Thomas Bastiani wrote: > > > >> It may be that files that you create and then delete will trigger > >> a TRIM operation if dm-crypt (and > >> eventually LVM) are configured to pass TRIM through. But the rest of > >> your "securely erased" drive is still not TRIM-ed. > > > > As far as I know, mkfs discards blocks while creating the filesystem. > > So your device should be "overwritten" at that stage of the process? > > > > Oh cool. I had no idea. So then it would make the whole dd operation > useless if you pass --allow-discards to cryptsetup. > > -- > Thomas > _______________________________________________ > dm-crypt mailing list > dm-crypt@xxxxxxxx > http://www.saout.de/mailman/listinfo/dm-crypt _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
