On 11/20/2015 01:04 AM, Pascal Hambourg wrote:
Anyone with physical access can do whatever they want. You can set up
restrictions in the BIOS or set restrictions in the boot loader, but
they still can take the disk out and read or modify it with another
machine.
To protect against this you can use encryption or set up a password
on the disk (ATA security functions). Note that encryption alone does
not protect against tampering, as the boot part cannot be encrypted.
As I understand it, self-encrypting drives (SED) encrypt everything
(including the boot partition). To use this feature, you need a
computer with BIOS/ UEFI that supports it -- e.g. the BIOS will prompt
you for the password during POST; if you don't enter the correct
password, the drive remains locked and its contents are inaccessible;
doing a secure erase will wipe the contents and then unlock the drive:
https://en.wikipedia.org/wiki/Opal_Storage_Specification
I recently bought a Samsung EVO 850 that I'd like to benchmark in
various configurations -- raw/ ext4/ btrfs, with/ without SED, with/
without LUKS, with/ without AES-NI, etc.. I've used "bonnie++" and
"dbench" in the past. What other HDD/ SDD benchmarking tools should I
consider?
David
