From: Artem Bityutskiy <dedekind1@gmail.com>
To: Stelling Carsten <Carsten.Stelling@goerlitz.com>
Cc: "linux-mtd@lists.infradead.org" <linux-mtd@lists.infradead.org>
Subject: Re: Security enhancement for UBIFS with secure erase feature
Date: Sun, 11 Sep 2011 16:22:36 +0300 [thread overview]
Message-ID: <1315747360.18731.57.camel@sauron> (raw)
In-Reply-To: <02855DE82B1CA94A9115CCD637A1325643CD9EC4A3@goemail-server.goerlitz.int>
On Thu, 2011-09-08 at 16:35 +0200, Stelling Carsten wrote:
> < Are there any plans for such a security enhancement in UBIFS?
>
> Hello Atlant,
>
> you're right. Writing zeroes is not applicable to all kinds of flash technology.
>
> Are there any plans to support privacy in UBIFS?
>
> In my opinion privacy should be guaranteed by the file system, so that any
> application can rely on its security features.
>
> There're other solutions, e.g. to encrypt the content of each file with a unique
> key stored in the metadata area of that particular file. Although this solution
> needs to secure erase the key associated with the deleted file too.
> I see, that might be a real dilemma.
>
> Are there any suggestions?
Well, it is possible to implement secure erase, but it will be very slow
- you'll need to garbage collect all eraseblocks which contain the old
file, including all the obsolete portions of that file which might still
be on the flash media.
So basically, to secure delete a file, you'd need to scan whole flash to
find all its old (obsolete) fragments.
VS plans - no, there are no plans, UBIFS does not enjoy a lot of
developer's. You are welcome with patches, though!
--
Best Regards,
Artem Bityutskiy
next prev parent reply other threads:[~2011-09-11 13:20 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-09-08 14:35 Security enhancement for UBIFS with secure erase feature Stelling Carsten
2011-09-11 13:22 ` Artem Bityutskiy [this message]
2011-10-27 9:33 ` Joel Reardon
2011-10-30 12:51 ` Artem Bityutskiy
-- strict thread matches above, loose matches on Subject: below --
2011-10-31 17:51 Stelling Carsten
2011-09-05 16:01 Stelling Carsten
2011-09-08 11:18 ` Atlant Schmidt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1315747360.18731.57.camel@sauron \
--to=dedekind1@gmail.com \
--cc=Carsten.Stelling@goerlitz.com \
--cc=linux-mtd@lists.infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).