Re: summer of code - scrub feature

[David Brownlee <abs%NetBSD.org@localhost>]

On Mon, 23 Mar 2009, Christos Zoulas wrote:

> In article <20090323023336.GA26368%panix.com@localhost>,
> Thor Lancelot Simon  <tls%rek.tjls.com@localhost> wrote:
> > On Mon, Mar 23, 2009 at 02:26:40AM +0000, Alistair Crooks wrote:
> > > If you're going down this route, you should also be encrypting any
> > > swap partitions, of course, using tempested hardware, and wearing tin
> > > foil on your head.  As ever, this is a question of what's possible,
> > > and of securing yourself as much as is economically and comfortably
> > > possible.
> >
> > That's just silly -- and it goes nowhere to address my basic point,
> > which is that causing extra disk writes -- much less the painstakingly
> > flushed multiple overwrites that, for example, rm -P does -- today, is
> > much, much more expensive than just encrypting the entire volume and
> > being done with it.
> >
> > I think it's a bad idea to waste effort on zeroizing erased data when
> > the same effort could be spent making it easier to do the _cheaper_
> > operation of just encrypting the data in the first place.  Jibes about
> > tinfoil hats are unhelpful, but make them if you like; I am done wasting
> > my time being spat on for talking common sense to the sky while it's
> > raining.
>
> I think it is a lot more useful making cgd easy to configure/use during
> installation rather than spending a lot of time trying to erase data
> and in the end giving the user the false sense of security since we
> are not going to be solving the spared sector problem.

        A SoC project to add cgd support to the bootblocks and code to
        pass across to the kernel could be very worthwhile...

--
                David/absolute       -- www.NetBSD.org: No hype required --