On Mon, Mar 07, 2005 at 09:43:13AM -0700, [EMAIL PROTECTED] wrote: > > > I also believe that it would be beneficial to implement regular rewriting > > of randomly picked lock sector(s) at random times during a user specified > > interval (up to x rewrites within n seconds) in order to further obscure > > the write pattern and provide additional protection for lock sectors. > > I agree.
I don't. Hiding the lock sector is pointless for hot disk attacks. A malicious SAN administrator (and other intermediaries, if transport encryption is not used) can identify the lock sector trivially, because gbde decrypts its location and tells you: it goes straight there on startup. -- Dan.
pgpVhWNJJBZCb.pgp
Description: PGP signature
