On Thu, 2019-01-31 at 00:11 +0100, Jonas Meurer wrote:
> explain to users that they should always give the 'discard' option
> to new devices if they don't have a good reason to not do so

It's sad to see Debian giving bad advice to users, especially as several people said here, upon being questioned, that it should be vice-versa, i.e. using the more secure setting unless one has a good reason not to.

> I see that the discard option has security implications.

Absolutely.

> Whether those are minor or major is debatable. My take on this is,
> that the tradeoff is acceptable and for the vast majority of users
> neglectable.

I cannot see that this has been anywhere proven by solid and extensive cryptanalysis. Instead, the past has always shown that even small leakage of information can be a huge attack surface.

If it was 20 years ago, the question would have probably been: Can we enable compression without risk? And the answer would have been: It's not clear whether it can be abused, but rather don't do it. Then: Well, let's still do it. Then: CRIME and BEAST attacks. Oops.

> On the other side, having fstrim working per default even
> on encrypted volumes is a huge advantage.

I wonder what advantage it is for someone who deliberately decides to use dm-crypt, to possibly weaken just this.

Well, just my two cents. :-)

_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
https://www.saout.de/mailman/listinfo/dm-crypt