From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from v1.tansi.org (mail.tansi.org [84.19.178.47]) by mail.server123.net (Postfix) with ESMTP for ; Sun, 3 Feb 2019 21:14:51 +0100 (CET) Received: from gatewagner.dyndns.org (unknown [81.6.44.245]) by v1.tansi.org (Postfix) with ESMTPA id B4FF114014A for ; Sun, 3 Feb 2019 21:14:38 +0100 (CET) Date: Sun, 3 Feb 2019 21:14:51 +0100 From: Arno Wagner Message-ID: <20190203201450.GA32649@tansi.org> References: <54f092ef-6ec9-49f1-bf40-88cca69f4bff@freesources.org> <20190203142342.qwhlnzo3sp62beug@h-174-65.A328.priv.bahnhof.se> <20190203173434.GA30244@tansi.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Subject: Re: [dm-crypt] 'discard' as default List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: dm-crypt@saout.de On Sun, Feb 03, 2019 at 18:57:42 CET, Christoph Anton Mitterer wrote: > On Sun, 2019-02-03 at 18:34 +0100, Arno Wagner wrote: > > Specrte and Meltdown are indeed nice examples why that can > > backfire damatically. Security, like most good engineering, > > is about redundancy. You cut a bit here and a bit there and > > suddenly you are nacked. Not good at all. [...] > Anyway, guess there is nothing more upstream can/should do about > this... it's good to have an option to enable TRIM (for those who > deliberately want it) and it's good that it's not the default. > If distros choose to possibly weaken security, it's up to them and > unfortunately their users. I agree on that one. All we can reasonably do is warn. Although being a security expert does feel like being a climate scientists sometimes.... Regards, Arno -- Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@wagner.name GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718 ---- A good decision is based on knowledge and not on numbers. -- Plato If it's in the news, don't worry about it. The very definition of "news" is "something that hardly ever happens." -- Bruce Schneier