On Sun, Dec 10, 2017 at 4:00 PM, Wols Lists <antlists@××××××××××××.uk> wrote:
>
> So the OP needs to be aware that, if his file is smaller than the chunk
> size, then it *will* be recoverable from a disk pulled from an array, be
> it md-raid or zfs.
>
> The question is, then, how big is a chunk? And if zfs is anything like
> md-raid, it will be a lot bigger than the 512B or 4KB that a naive user
> would think.
>

I suspect the data is striped/chunked/etc at a larger scale.

However, I'd really go a step further. Unless a filesystem or block
layer is explicitly designed to prevent the retrieval of data without
a key/etc, then I would not rely on something like this for security.
Even actual encryption systems can have bugs that render them
vulnerable. Something that at best provides this kind of security "by
accident" is not something you should rely on. Data might be stored
in journals, or metadata, or unwiped free space, or in any number of
ways that make it possible to retrieve even if it isn't obvious from
casual inspection.

If you don't want somebody recovering data from a drive you're
disposing of, then you should probably be encrypting that drive one
way or another with a robust encryption layer. That might be built
into the filesystem, or it might be a block layer. If you're
desperate I guess you could use the SMART security features provided
by your drive firmware, which probably work, but which nobody can
really vouch for but the drive manufacturer. Any of these are going
to provide more security than relying on RAID striping to make data
irretrievable.

If you really care about security, then you're going to be paranoid
about the tools that actually are designed to be secure, let alone the
ones that aren't.

--
Rich
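
The chunk-size point from this thread, as an added example that is not part of the original message: a simplified RAID-0 style striping model in Python (no parity, no array metadata) that reports which member disks hold a given extent and whether one pulled disk alone contains a whole record. The chunk size, disk count, offsets and sample record are assumptions constructed for illustration.

```python
CHUNK = 512 * 1024  # assumed chunk size for this illustration
DISKS = 3           # assumed number of member disks
SECRET = b"CONSTRUCTED-SAMPLE account=alice pin=0000"  # constructed sample data

def make_volume(offset, data, size=4 * CHUNK):
    """Logical volume of zero bytes with `data` written at `offset`."""
    vol = bytearray(size)
    vol[offset:offset + len(data)] = data
    return bytes(vol)

def stripe(volume, chunk=CHUNK, disks=DISKS):
    """Split a logical volume into per-disk images, chunk by chunk, round-robin."""
    members = [bytearray() for _ in range(disks)]
    for start in range(0, len(volume), chunk):
        members[(start // chunk) % disks] += volume[start:start + chunk]
    return [bytes(m) for m in members]

def disks_holding(offset, length, chunk=CHUNK, disks=DISKS):
    """Member disks that hold at least one byte of [offset, offset + length)."""
    first, last = offset // chunk, (offset + length - 1) // chunk
    return {c % disks for c in range(first, last + 1)}

def intact_on(volume, data):
    """Indices of member disks whose raw image alone contains all of `data`."""
    return [n for n, image in enumerate(stripe(volume)) if data in image]

if __name__ == "__main__":
    # Case 1: small record inside one chunk -> whole record on one pulled disk.
    inside = CHUNK + 4096
    print("inside chunk :", disks_holding(inside, len(SECRET)),
          intact_on(make_volume(inside, SECRET), SECRET))
    # Case 2: same record straddling a chunk boundary -> split over two disks,
    # but each disk still holds a readable fragment of it.
    straddle = 2 * CHUNK - 10
    print("straddling   :", disks_holding(straddle, len(SECRET)),
          intact_on(make_volume(straddle, SECRET), SECRET))
    # Case 3: a file of three chunks touches every member disk.
    print("3-chunk file :", disks_holding(0, 3 * CHUNK))
```

Even in the straddling case each disk keeps a plaintext fragment, which is why striping is no substitute for an encryption layer when a drive leaves your control.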