On 2/21/25 07:11, Dan Purgert wrote:
On Feb 21, 2025, Frank Guthausen wrote:
On Fri, 21 Feb 2025 05:07:10 -0500
gene heskett <ghesk...@shentel.net> wrote:
my home net, is behind dd-wrt, in plain text. on an address block
that does not get thru a router. And in 30 years I have not been
touched.
LUKS addresses a completely different attack vector than network
intrusion. As long as the LUKS device is decrypted on a running
machine it is not much of a help. LUKS protects data during the
encrypted state, e.g. when a stolen laptop was in shutdown state
at that time, and it helps to protect data when disks are up to
renewal and someone else has got access to the older disks later.
Without LUKS the disk erasing process needs time and might well
be quiet expensive.
Yes and no with the erasure thing -- a handful of SSD options nowadays
do onboard / integral encryption, so "erasing" the drive is essentially
just "deleting the secret key"
But then again, SSDs are quite expensive per TiB if you're talking about
a storage array
So are spinning rust when it only lasts 2 weeks. Seacrate has sold me
the last drive they'll ever sell me. Shingled, helium filled, 2T drives,
doomed when the helium escapes. They just disappeared off the end of the
sata cable. Same cable, plugged into an SSD is working perfectly over 2
years later. And working 4x faster.
Cheers, Gene Heskett, CET.
--
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
- Louis D. Brandeis
