On Sun, 2019-01-27 at 20:46 -0800, jdow wrote:
On 20190127 14:44:52, Patrick O'Callaghan wrote:
On Sun, 2019-01-27 at 19:56 +0100, Wolfgang Pfeiffer wrote:
Given that encrypting the disk means (at a minimum) reading the entire contents and rewriting it,
No. I don't think data is written and rewritten. See below.
If it's not being read and rewritten, it's not being encrypted. It's as simple as that. A cryptosystem that doesn't read the plaintext? How does that work?
poc
Give me an image of the disk and after suitable time and effort I have access to the whole thing if only the directory entries are encrypted. So the tool in question gives a false sense of security at best. {^_^}
If that's indeed what it does, I agree.
Another point: several people have mentioned using /dev/urandom. It's important to note that this is a *pseudo-random* generator. It starts from a random seed, but from that generates a completely deterministic pattern. If you have the seed, you have everything. And since the idea here is to overwrite the disk, the first part of which contains "plaintext" that follows a regular layout (partition table etc.), it makes the task of decoding the disk even easier as that's the only part you would actually have to analyse at a physical level.
poc