On 2020-06-27 01:46, Andrei POPESCU wrote:
The latest recommendation I saw for "cheap flash based" storage is 4MiB
in order to align with erase block sizes, so now I'm starting all my
partitions at 4MiB instead of 1MiB.
Interesting subject -- thanks for bringing it up. :-)
STFW there does
On 2020-06-27 12:47, David Christensen wrote:
The ATA secure erase command is
designed to erase all blocks, both host-accessible and hidden.
STFW, "secure erase" (aka "security erase") is an older feature and may
not erase all NAND blocks, just the "mapping table". (When I have done
this on
On 6/27/20 6:00 AM, David Christensen wrote:
On 2020-06-26 18:25, David Wright wrote:
There's still the problem of what one does about sensitive data if
one has been rash enough to write it unencrypted onto an SSD. Would
shred -n 1 be preferable? Not really, because that doesn't hit the
ex-fi
On Vi, 26 iun 20, 20:25:32, David Wright wrote:
>
> Ironically, 2048 is neither cargo cult nor magic, but *is* the default
> used by LUKS when the kernel does not supply one, as documented two
> paragraphs earlier. Are you suggesting a 1MB alignment might be
> insufficient? If one were to specify
1) backup your data to external usb drive
2) reinstall with encrypted enabled
3) restore data
= a lot of unencrypted data get's overwritten (if user does not have a
lot of data, generate some X-D)
On 6/27/20 6:00 AM, David Christensen wrote:
> On 2020-06-26 18:25, David Wright wrote:
>
>> There
On 2020-06-26 21:00, David Christensen wrote:
On 2020-06-26 18:25, David Wright wrote:
There's still the problem of what one does about sensitive data if
one has been rash enough to write it unencrypted onto an SSD. Would
shred -n 1 be preferable? Not really, because that doesn't hit the
ex-f
On 2020-06-26 18:25, David Wright wrote:
There's still the problem of what one does about sensitive data if
one has been rash enough to write it unencrypted onto an SSD. Would
shred -n 1 be preferable? Not really, because that doesn't hit the
ex-file areas. What then?
The best option is to c
On Fri 26 Jun 2020 at 15:45:09 (-0400), Michael Stone wrote:
> On Fri, Jun 26, 2020 at 02:06:57PM -0500, David Wright wrote:
> > Agreed. But I wouldn't be writing any sensitive information to an SSD
> > in the first place without encrypting it. (Not that I own any yet.)
>
> SSDs are more common th
On Fri, Jun 26, 2020 at 02:06:57PM -0500, David Wright wrote:
Agreed. But I wouldn't be writing any sensitive information to an SSD
in the first place without encrypting it. (Not that I own any yet.)
SSDs are more common than not in new computers so it's probably best to
assume that people rea
On Fri 26 Jun 2020 at 11:47:34 (-0400), Michael Stone wrote:
> On Fri, Jun 26, 2020 at 08:25:49AM -0500, David Wright wrote:
> > If encrypting an entire disk, scramble the disk first, then partition.
> > If only encrypting a partition, partition the disk first.
> > Alignments should be at least 2M
On Fri, Jun 26, 2020 at 08:25:49AM -0500, David Wright wrote:
If encrypting an entire disk, scramble the disk first, then partition.
If only encrypting a partition, partition the disk first.
Alignments should be at least 2M (4096 x 512B sectors).
Scramble any sensitive pre-existing contents:
# d
Thanks -- very helpful! I mayb have some more questions as I triy to digest
this, but can't spend time on it today.
Nothing new below this line.
On Friday, June 26, 2020 09:25:49 AM David Wright wrote:
> On Thu 25 Jun 2020 at 07:40:43 (-0400), rhkra...@gmail.com wrote:
> > On Wednesday, June 24
On Thu 25 Jun 2020 at 07:40:43 (-0400), rhkra...@gmail.com wrote:
> On Wednesday, June 24, 2020 10:20:55 PM David Wright wrote:
> > On Wed 24 Jun 2020 at 21:28:38 (-0400), rhkra...@gmail.com wrote:
> > > On my Wheezy system, I used cryptsetup to set up a LUKs encrypted file
> > > system on a dedic
On Thursday, June 25, 2020 10:14:50 AM rhkra...@gmail.com wrote:
> Can you give me any clues about how you told it which audio device to use
> (and which you told it to use)?
Ahh, I found the settings screen and switched the audio (to "Built In Analog
Audio Stereo") and tested it -- it works.
(I
On Thursday, June 25, 2020 07:29:53 AM rhkra...@gmail.com wrote:
> At least for the Jessie system, I'd like to install some encrypted
> filesystems without reinstalling (or replacing) Jessie.
Does anybody know what the DI (Debian Installer) installs by default for an
encrypted filesystem on Jessi
On Thursday, June 25, 2020 09:25:06 AM David wrote:
> Hi, are you aware that Zoom has available a Linux-compatible
> desktop client application that runs without a browser?
Thanks, yes, that is one of the ways I tried to join the zoom meeting on my
Jessie system -- the client says it requires / w
David (12020-06-25):
> Hi, are you aware that Zoom has available a Linux-compatible
> desktop client application that runs without a browser?
>
> It works on Buster, apart from needing to be told which audio
> device to use every time it is run.
> Available here:
> https://zoom.us/download#client_
On Thu, 25 Jun 2020 at 21:30, wrote:
> I might consider reinstalling the Buster system,
> I might even replace it with testing as, for some purposes, I need a Firefox
> more up-to-date than that in Buster.
>
> (I tried to join a Zoom meeting and could not get sound, I got a message that
> my Fire
On Wednesday, June 24, 2020 10:20:55 PM David Wright wrote:
> On Wed 24 Jun 2020 at 21:28:38 (-0400), rhkra...@gmail.com wrote:
> > On my Wheezy system, I used cryptsetup to set up a LUKs encrypted file
> > system on a dedicated partition
>
> What were the contents of this partition: the OS itsel
On Wednesday, June 24, 2020 09:34:00 PM Roberto C. Sánchez wrote:
> On Wed, Jun 24, 2020 at 09:28:38PM -0400, rhkra...@gmail.com wrote:
> > I'm wondering if cryptsetup is still something like "state of the art" or
> > if there is anything more secure and simpler to learn to setup?
>
> Assuming you
On 6/25/2020 3:34 AM, Roberto C. Sánchez wrote:
On Wed, Jun 24, 2020 at 09:28:38PM -0400, rhkra...@gmail.com wrote:
On my Wheezy system, I used cryptsetup to set up a LUKs encrypted file system
on a dedicated partition (actually, two filesystems).
It was a PITA learning how to do it, and it wa
On Wed 24 Jun 2020 at 21:28:38 (-0400), rhkra...@gmail.com wrote:
> On my Wheezy system, I used cryptsetup to set up a LUKs encrypted file
> system
> on a dedicated partition
What were the contents of this partition: the OS itself, or /home,
or an independent filesystem that you'd probably moun
On 2020-06-24 18:34, Roberto C. Sánchez wrote:
On Wed, Jun 24, 2020 at 09:28:38PM -0400, rhkra...@gmail.com wrote:
On my Wheezy system, I used cryptsetup to set up a LUKs encrypted file system
on a dedicated partition (actually, two filesystems).
It was a PITA learning how to do it, and it was
On Wed, Jun 24, 2020 at 09:28:38PM -0400, rhkra...@gmail.com wrote:
> On my Wheezy system, I used cryptsetup to set up a LUKs encrypted file
> system
> on a dedicated partition (actually, two filesystems).
>
> It was a PITA learning how to do it, and it was 6 years ago, and it looks
> like
>
On my Wheezy system, I used cryptsetup to set up a LUKs encrypted file system
on a dedicated partition (actually, two filesystems).
It was a PITA learning how to do it, and it was 6 years ago, and it looks like
I have to relearn it to do it again on Jessie and / or Buster (and on a backup
devi
25 matches
Mail list logo
