[nycbug-talk] Re: Roland Dowdeswell interview on CGD
Johnny Lam
jlam
Fri Dec 23 12:01:10 EST 2005
George R. wrote:
> Ray Lai wrote:
>>
>> I've always wondered how gracefully encrypted disks handled crashes.
>> Does anyone have any experience? I've used the encrypted disk image
>> for qemu before, but a crash ren
>
>
> Excellent point Ray. . . encryption, particularly disk level (which CGD
> is not), may raise some issues of data integrity in the event of crashes.
>
> Roland, why don't you speak to this, even though CGD is file-based, right?

No, CGD is not file-based -- it works at the block level. It provides a
pseudo-disk that can be partitioned, disklabeled, and newfs'ed like any
other disk. I consider this a strength since it foils meta-data
attacks, e.g. looking at directory structures to glean information about
the likely contents of files. IIRC, because CGD works block-by-block
and because of the "write atomicity" that Roland talks about in the
interview, losing power when using CGDs is no different than losing
power with normal disks -- you just lose whatever has failed to write to
the disk, but it doesn't affect the existing data on the CGD pseudo-disk.

Incidentally, I use the 2-factor authentication scheme that Roland talks
about in the paper. It works like a charm with CGD on my laptop to
protect sensitive data.

Cheers,
-- Johnny Lam <jlam at pkgsrc.org>
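
The crash behaviour described in the message above, modelled as an added example (not part of the original post and not CGD's code): a pseudo-disk that encrypts each sector independently and replaces it atomically, interrupted partway through a multi-sector rewrite. The 512-byte sector size, the class and function names, and the SHAKE-256 keystream are assumptions of this model; the keystream is a stand-in for a real per-sector cipher.

```python
import hashlib

SECTOR = 512  # bytes per sector (assumed for this model)


def _keystream(key: bytes, sector_no: int) -> bytes:
    # Stand-in for a real per-sector cipher: the output depends only on the
    # key and the sector number, so every sector is decryptable on its own.
    # Not suitable for real use (rewriting a sector reuses its keystream).
    return hashlib.shake_256(key + sector_no.to_bytes(8, "big")).digest(SECTOR)


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class EncryptedDisk:
    """Pseudo-disk over a backing store that only ever holds ciphertext."""

    def __init__(self, key: bytes, n_sectors: int):
        self.key = key
        # Backing store starts out as encrypted all-zero sectors.
        self.backing = [_keystream(key, i) for i in range(n_sectors)]

    def write_sector(self, n: int, plaintext: bytes) -> None:
        if len(plaintext) != SECTOR:
            raise ValueError("writes are whole sectors")
        # Models write atomicity: the sector is replaced entirely or not at all.
        self.backing[n] = _xor(plaintext, _keystream(self.key, n))

    def read_sector(self, n: int) -> bytes:
        return _xor(self.backing[n], _keystream(self.key, n))


def simulate_crash(n_sectors: int = 8, crash_after: int = 3):
    """Rewrite every sector, but lose power after `crash_after` sector writes."""
    disk = EncryptedDisk(b"constructed demo key", n_sectors)
    old = [bytes([0x41 + i]) * SECTOR for i in range(n_sectors)]  # constructed data
    new = [bytes([0x61 + i]) * SECTOR for i in range(n_sectors)]  # constructed data
    for i, data in enumerate(old):
        disk.write_sector(i, data)
    for i in range(crash_after):  # the loop stopping early is the power loss
        disk.write_sector(i, new[i])
    after = [disk.read_sector(i) for i in range(n_sectors)]
    return old, new, after


if __name__ == "__main__":
    old, new, after = simulate_crash()
    for i, data in enumerate(after):
        print(i, "new" if data == new[i] else "old" if data == old[i] else "CORRUPT")
```

Sectors written before the interruption read back as the new data and the rest still decrypt to the old data, because no sector's decryption depends on any other sector.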