From nobody Fri Jan 14 17:00:39 2022 X-Original-To: questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 9D6D8196430C for ; Fri, 14 Jan 2022 17:00:53 +0000 (UTC) (envelope-from ralf-mardorf@riseup.net) Received: from mx1.riseup.net (mx1.riseup.net [198.252.153.129]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "mx1.riseup.net", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Jb6xw2H63z3qpZ for ; Fri, 14 Jan 2022 17:00:52 +0000 (UTC) (envelope-from ralf-mardorf@riseup.net) Received: from fews2.riseup.net (fews2-pn.riseup.net [10.0.1.84]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "mail.riseup.net", Issuer "R3" (not verified)) by mx1.riseup.net (Postfix) with ESMTPS id 4Jb6xt6sw5zF4dT for ; Fri, 14 Jan 2022 09:00:50 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=riseup.net; s=squak; t=1642179651; bh=uVdcn+CFuNuOZEPOWF9EZMFW+7G1z9cB0mmJujP+wvs=; h=Date:From:To:Subject:In-Reply-To:References:From; b=Vc8d98o0hIm71qa6Nrk47mGs6QWLEimWVPtoMMwe4R/DuDGXir/65nx2CHz/oas09 4xMRtNbVMVMJrZA7N+bK564mETz3aiSFC0fWRCduTqabwAP+Z9jiyTWB7KKLOWs4gk CbP/uV/trr83xoQPvH8P/Q/QufVXeMjOFMZLzsr8= X-Riseup-User-ID: 12C992EFA289E674D6DD7E0D5701A5A40D6197991EFE3D5745C8397ED500AF92 Received: from [127.0.0.1] (localhost [127.0.0.1]) by fews2.riseup.net (Postfix) with ESMTPSA id 4Jb6xt2KpWz1xmv for ; Fri, 14 Jan 2022 09:00:50 -0800 (PST) Date: Fri, 14 Jan 2022 18:00:39 +0100 From: Ralf Mardorf To: questions@freebsd.org Subject: Re: zero filling a storage device (was: dd and mbr) Message-ID: <20220114180039.4a1cf88e@archlinux> In-Reply-To: <20220114045558.GQ61872@eureka.lemis.com> References: <77680665-7ddb-23c5-e866-05d112339b60@holgerdanske.com> <20220114023002.GP61872@eureka.lemis.com> <20220114045558.GQ61872@eureka.lemis.com> List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4Jb6xw2H63z3qpZ X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=riseup.net header.s=squak header.b=Vc8d98o0; dmarc=pass (policy=none) header.from=riseup.net; spf=pass (mx1.freebsd.org: domain of ralf-mardorf@riseup.net designates 198.252.153.129 as permitted sender) smtp.mailfrom=ralf-mardorf@riseup.net X-Spamd-Result: default: False [-4.60 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[riseup.net:s=squak]; NEURAL_HAM_LONG(-1.00)[-1.000]; FROM_HAS_DN(0.00)[]; RWL_MAILSPIKE_GOOD(0.00)[198.252.153.129:from]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+mx]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[questions@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; DWL_DNSWL_LOW(-1.00)[riseup.net:dkim]; RCVD_COUNT_THREE(0.00)[3]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; DKIM_TRACE(0.00)[riseup.net:+]; DMARC_POLICY_ALLOW(-0.50)[riseup.net,none]; NEURAL_HAM_SHORT(-1.00)[-1.000]; MLMMJ_DEST(0.00)[questions]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; MID_RHS_NOT_FQDN(0.50)[]; ASN(0.00)[asn:16652, ipnet:198.252.153.0/24, country:US]; RCVD_TLS_ALL(0.00)[]; RCVD_IN_DNSWL_LOW(-0.10)[198.252.153.129:from] X-ThisMailContainsUnwantedMimeParts: N Hi, zero filling is fishy for several reasons. It's never secure! However, I won't comment zero filling. I'm not an expert and to lazy to search for links. Related to the addressable blocks and real physical locations I've got a link at hand. On Fri, 14 Jan 2022 15:55:58 +1100, Greg 'groggy' Lehey wrote: >proof of the contrary Due to https://en.wikipedia.org/wiki/Wear_leveling the only way that could be (but not necessarily is) secure, is a secure erase command provided by the firmware. Regards, Ralf