Date: Fri, 03 Sep 2004 23:43:56 +0100 From: David Kreil <kreil@ebi.ac.uk> To: David Kreil <kreil@ebi.ac.uk> Cc: freebsd-questions@freebsd.org Subject: Re: gbde blackening feature - how can on disk keys be "destroyed" thoroughly? Message-ID: <200409032243.i83MhuA02066@puffin.ebi.ac.uk> In-Reply-To: Your message of "Sat, 14 Aug 2004 06:01:52 BST." <200408140501.i7E51qi03762@puffin.ebi.ac.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi,
>From what I can see so far, they are simply overwritten with zeros - is that
right? If so, the blackening feature would be much weakend, as once can read
up to 20 layers of data even under random data (and more under zeros). I would
be most grateful for comments, or suggestions of where/how one could extend
the code to do a secure wip of the key areas. Also, I know practically nothing
of how I could to best get FreeBSD to physically write to disk
(configurability of hardware cache etc permitting).
With best regards,
David.
>
> Hello,
>
> I was wondering whether someone knowledgable about gbde internals could tell
> me how the keys are being destroyed on request under the "blackening feature".
> Ideally, I'd like them to be overwritten with random data at least 20 times
> independently, but I suspect it may well be done in a different way. I'd be
> grateful for learning how the blackening works (and why!).
>
> With many thanks for your help in advance,
>
> David Kreil.
>
------------------------------------------------------------------------
Dr David Philip Kreil ("`-''-/").___..--''"`-._
Research Fellow `6_ 6 ) `-. ( ).`-.__.`)
University of Cambridge (_Y_.)' ._ ) `._ `. ``-..-'
++44 1223 764107, fax 333992 _..`--'_..-_/ /--'_.' ,'
www.inference.phy.cam.ac.uk/dpk20 (il),-'' (li),' ((!.-'
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200409032243.i83MhuA02066>