Depreciate and remove gbde

John-Mark Gurney jmg at funkthat.com
Thu Oct 29 23:24:01 UTC 2015


Lyndon Nerenberg wrote this message on Mon, Oct 26, 2015 at 19:06 -0700:
> On Oct 24, 2015, at 12:06 PM, John-Mark Gurney <jmg at funkthat.com> wrote:
> 
> > The thing I like most about encryption is that when I RMA a bad
> > drive, I don't have to worry about my data leaking if I am unable
> > to overwrite all the data...
> 
> You are optimistic if you believe that.  We ($WORK) factor the cost of DOA/warranty drives into our operational budget.  They never get RMAed.  We drill them when they die.

Being a personal user, and having close to a 10% RMA rate on recent
hard drives, that would be a bit costly...

I consider a HD defective if it's under waranty and it's performance
drops below 80% of new, i.e. 130MB/sec normal sequential write drops
below 100MB/sec..

The weekest point is the passphrase/passfile protecting the master
key... In my case, I use a random passfile for these drives...  If
someone is able to break the passfile, or the AES-256 encryption, then
they must really want my data...  It'd be easier, even for governments,
to do a black bag job than recover partial data (it's one drive of a
RAIDZ array)...

-- 
  John-Mark Gurney				Voice: +1 415 225 5579

     "All that I will do, has been done, All that I have, has not."


More information about the freebsd-current mailing list