On Mon, Jun 18, 2012 at 09:54:13PM +0200, Philipp Kern wrote: > On Mon, Jun 18, 2012 at 01:40:23PM -0300, Fernando J. RodrÃguez wrote: > > Please consider: a) changing the erase algorithm for someting more > > expeditive, even at the expense of some effectiveness; b) asking the user if > > she actually wants to erase the contents of the newly created volume; c) > > warning the user that the erasing could take more than 1 day. > > The latter probably makes sense. I'm pretty sure that the user is asked, > because I always skipped it. On the other hand it's not for pre-existing data > to be wiped but for the encrypted volume to appear completely random. > Otherwise it's pretty obvious which blocks are allocated and which are not. > (Not sure how useful that information is.) > > It's not about effectiveness but about security, sadly.
If it is using /dev/urandom now, that is overkill. There exists many algorithms/programs using random output (many packaged in Debian) that are many times faster and they are safe enough for this. -- To UNSUBSCRIBE, email to debian-boot-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120618202608.GA22389@lisko
