Date: Tue, 19 Mar 2013 02:11:56 +0100 From: Thomas Steen Rasmussen <thomas@gibfest.dk> To: kpneal@pobox.com Cc: freebsd-fs@freebsd.org Subject: Re: When will we see TRIM support for GELI volumes ? Message-ID: <5147BB5C.7020205@gibfest.dk> In-Reply-To: <20130319000232.GA18711@neutralgood.org> References: <51479D54.1040509@gibfest.dk> <20130319000232.GA18711@neutralgood.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 19-03-2013 01:02, kpneal@pobox.com wrote: > On Tue, Mar 19, 2013 at 12:03:48AM +0100, Thomas Steen Rasmussen wrote: >> Hello there, >> >> I was happy to see TRIM support in UFS and ZFS, however: >> I would really like to see TRIM support for GELI volumes. >> >> I finally got an SSD with TRIM support for the laptop, but I can't >> really use it with GELI disk encryption because the lack of TRIM >> support makes writing to the disk really slow after a while. >> >> I've been told this is not a huge job, but I wouldn't know. >> >> I can't understand why more people aren't asking for this. >> Do people not encrypt their laptops, or do they not use SSDs ? > Wouldn't that defeat the purpose somewhat? > > With an encrypted disk an attacker who gets the disk does not know > which parts of the disk have valid data and which do not. But with > TRIM the drive does know where the valid data is, and so an attacker > knows as well. > > Does it make sense to put a flashing neon sign up that says "secret data > right here!"? Hello, This is a bit off topic, but I'll bite: I suppose it depends on the use-case. personally I could care less if a thief who steals my laptop knows that the disk contains encrypted data. If I was hiding some top secret files from a government I might feel different, but I'm not so I don't. I do feel though that in this day in age we should strive to encrypt everything, even data that is not secret. Network connections too. Doing so protects your privacy, and more importantly, if one day you DO have something that is really secret, it doesn't stand out :) Have you tried using an SSD without TRIM support ? It really is awfully slow, I'm talking 10-20-30 seconds freezes while the disk is writing. It is not usable - but neither is a laptop without disk encryption (to me) :) /Thomas Steen Rasmussen
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5147BB5C.7020205>