On 2020-06-18 19:13, David Wright wrote:
On Fri 12 Jun 2020 at 07:51:30 (-0400), Michael Stone wrote:
On Thu, Jun 11, 2020 at 08:52:10PM -0500, David Wright wrote:
The only unaddressed point in my use case is the prevention of a
high-water mark, because zeroing the drive achieves precisely the
opposite. What ought I to be running, instead of badblocks -w -t random,
to achieve that goal?
Create the encrypted volume first, then write zeros to it. :)
Duh! That should work a treat. My posting that example bore me fruit.
Cheers,
David.
Benchmark is one thing. But, from a security viewpoint, writing zeros
to an encrypted volume amounts to providing blocks of plaintext for
corresponding blocks of cyphertext, thereby facilitating cryptanalysis.
David
