When will we see TRIM support for GELI volumes ?
Thomas Steen Rasmussen
thomas at gibfest.dk
Tue Mar 19 01:12:09 UTC 2013
On 19-03-2013 01:02, kpneal at pobox.com wrote:
> On Tue, Mar 19, 2013 at 12:03:48AM +0100, Thomas Steen Rasmussen wrote:
>> Hello there,
>>
>> I was happy to see TRIM support in UFS and ZFS, however:
>> I would really like to see TRIM support for GELI volumes.
>>
>> I finally got an SSD with TRIM support for the laptop, but I can't
>> really use it with GELI disk encryption because the lack of TRIM
>> support makes writing to the disk really slow after a while.
>>
>> I've been told this is not a huge job, but I wouldn't know.
>>
>> I can't understand why more people aren't asking for this.
>> Do people not encrypt their laptops, or do they not use SSDs ?
> Wouldn't that defeat the purpose somewhat?
>
> With an encrypted disk an attacker who gets the disk does not know
> which parts of the disk have valid data and which do not. But with
> TRIM the drive does know where the valid data is, and so an attacker
> knows as well.
>
> Does it make sense to put a flashing neon sign up that says "secret data
> right here!"?
Hello,
This is a bit off topic, but I'll bite:
I suppose it depends on the use-case. personally I could care
less if a thief who steals my laptop knows that the disk
contains encrypted data. If I was hiding some top secret files
from a government I might feel different, but I'm not so I don't.
I do feel though that in this day in age we should strive to encrypt
everything, even data that is not secret. Network connections too.
Doing so protects your privacy, and more importantly, if one day
you DO have something that is really secret, it doesn't stand out :)
Have you tried using an SSD without TRIM support ? It really is
awfully slow, I'm talking 10-20-30 seconds freezes while the disk
is writing. It is not usable - but neither is a laptop without disk
encryption (to me) :)
/Thomas Steen Rasmussen
More information about the freebsd-fs
mailing list