From: "Brent Jones"
To: "cpghost", "s.g."
Date: Fri, 22 Feb 2008 09:00:27 +1300
Cc: freebsd-questions@freebsd.org
Subject: RE: GELI encryption and HDD critical temperature

> -----Original Message-----
> From: owner-freebsd-questions@freebsd.org
> [mailto:owner-freebsd-questions@freebsd.org] On Behalf Of cpghost
> Sent: Thursday, 21 February 2008 11:42 p.m.
> To: s.g.
> Cc: freebsd-questions@freebsd.org
> Subject: Re: GELI encryption and HDD critical temperature
>
> On Tue, Feb 19, 2008 at 11:41:18AM +0300, s.g. wrote:
> > According to smartctl -a, the temperature of the encrypted drives is ~59C.
> > The temperature of the unencrypted drive is, however, ~41C, according to
> > the same smartctl -a.
>
> I don't know. But I've noticed that when drives access GBDE-encrypted
> partitions (I didn't try with GELI yet), they are much louder (head
> seeking). It seems they seek more often on encrypted than non-encrypted
> partitions. Perhaps caching is turned off at some point up the chain?
> If that's the case, it is no wonder that encrypted partitions tend to
> result in higher drive temps (and faster drive wear).

It was explained by another poster, I don't remember when or by whom,
that GBDE writes sectors to disk in a pseudorandom fashion to make
cryptanalysis more difficult. This would explain the seeking/noise on a
GBDE disk.

A question I have which is related to all of this: Does GELI write
sectors in this pseudorandom fashion as well?
And, if so, is there a way to turn this off so that things are written
contiguously? This could be useful for those wishing to encrypt things
for most "normal" threats, such as your teenage neighbour breaking into
your house and stealing your bitchin computer, while minimising the
performance hit of pseudorandom sector writes.

Cheers,
Brent