On Thu, 2019-01-03 at 18:36 +0100, Milan Broz wrote:

> Unfortunately this is not what I see from many "enterprise" customers.
> Sometimes it seems that they just need to click the "encrypted" checkbox
> to get signed paper with some nice certification...

Sure... it's like with all the TOFU encryption we see nowadays...

But as you say these people/organisations just want some label on it, they don't give a s*** about security.

And this is even the optimistic assumption... one must very well assume that such people might have a malevolent agenda and just want to give people a wrong sense of security (see the encrypt-everything-on-the-web-thingy).

> But really, there are many situations where discard/TRIM really improves
> performance and even allows to deploy some solutions with still
> good threat model.

Sure,... but these people will likely stumble over it and can always change a secure default if it fits their needs and threat model.

It's like with e.g. SSH, there may be use cases in which it's fine to use one of the older less safe algos (e.g. SSHing to some old iDRAC/etc. serial console interfaces, which are anyway in a fully isolated management network)... but just because of that one should make them default.

> We can (and want) to support both sides, just default should be on
> the secure side.

Absolutely. :-)

Which is why my opinion would be to keep discarding TRIMs even in the future and with LUKS2 per default.

Cheers,
Chris.

_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
https://www.saout.de/mailman/listinfo/dm-crypt