Date: Mon, 26 Jan 2015 14:36:50 -0500 From: "Michael W. Lucas" <mwlucas@michaelwlucas.com> To: John-Mark Gurney <jmg@funkthat.com> Cc: hackers@freebsd.org Subject: Re: GBDE not protecting the user Message-ID: <20150126193650.GA60343@mail.michaelwlucas.com> In-Reply-To: <20150126182643.GE27103@funkthat.com> References: <20141010215842.GA6717@mail.michaelwlucas.com> <20141011113008.705ba16d@X220.alogt.com> <20141011074412.GA9432@mail.michaelwlucas.com> <20150126182643.GE27103@funkthat.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Jan 26, 2015 at 10:26:43AM -0800, John-Mark Gurney wrote: > Michael W. Lucas wrote this message on Sat, Oct 11, 2014 at 03:44 -0400: > > I'd really like to include GBDE in my FreeBSD storage book, but it > > seems that it doesn't actually work. > > You should include that gbde does not use any AES-NI acceleration, so > if you need performance and you have crypto acceleration in your machine, > then the only option in geli... Every time I publish a book, an interesting fact comes up right after the book is out in the world. An interesting fact that would have been perfect for the book, were it not for the book being published and out. And FM:SE's winner is... JMG! Seriously, the material on GBDE is all about protecting the user, and mostly smaller partitions. Nothing in there about FDE, high performance, or anything like that. GBDE is a really cool tool for a really unpleasant use case that nobody else covers so well. But now I'm wondering if you can hide GBDE partitions inside GELI providers. Hmmm... ==ml -- Michael W. Lucas - mwlucas@michaelwlucas.com, Twitter @mwlauthor http://www.MichaelWLucas.com/, http://blather.MichaelWLucas.com/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20150126193650.GA60343>