encrypted disc hint

Wiliam Harrington wwh20610 at cmsu2.cmsu.edu
Thu Jun 16 13:58:47 PDT 2005


On Tue, 31 May 2005 09:12:28 -0600, Archaic wrote:

> On Mon, May 30, 2005 at 05:14:49PM -0400, Robert Connolly wrote:
>> 
>> Anyway. If anyone of you could look it over and comment on it I would
>> appreciate it.
> 
> Disc should be disk and a spell checking on the document would be a good
> thing. Also, encrypting the OS instead of just the data will lead to a
> heavy performance penalty and likely little value (since /bin/cat isn't
> exactly a sensitive piece of data) so you should probably mention that so
> people can base their decision on more well-rounded information.

I recently did this, and the only performance hit I saw was while making the filesystem
and copying big files.  I was using a p4 M 2GHz machine in a Thinkpad R40.  The user should
be aware that have any part of the disk unencrypted gives chance to having something within
the encrypted disk leaked to the outside, such as a key, offset, important file, ... you get
the idea. Indeed, it is a great point to issue on the performance hit.

William (Ratrophy)



More information about the hlfs-dev mailing list