
Crypto n stuff

Name: Bonersconer 2012-07-04 4:03

I am not a noob, nor am I experienced in these areas; modesty is a safe bet, as I do not want to overstate my skillset.

I have two sources whom I consider to be the most experienced people I know in these areas, but they do not fully agree. I would like to get your opinions and whatever else you may want to share about what you do and why.

Friend 1, a computer professional, runs his own business out of his house fixing people's shit and tinkering with his own tech. He recommends LUKS for encrypting non-OS files (for speed), temporary files and important data. He thinks TrueCrypt is garbage because it's proprietary.

For deletion he uses dd and /dev/zero. On his ext4 filesystem it takes 2 hours to dd and 2 minutes to LUKS a 300 GB drive. He suspects that /dev/zero over /dev/urandom contributes a bit (he admitted he doesn't know how much, because he doesn't use urandom), but he thinks that the NTFS filesystem is the cause of the slow (20 GB/hour) dd speed. When I brought up the idea that dd with /dev/zero is less secure, and that determined people could see what was written on the disk before all the 0's because they're all 0's and it's easy to see (I read a paranoid theory about this idea), he said that with NTFS that'd be possible but not with other filesystems.

His paranoia solution was dd, format, encrypt with a random salt (I'm unsure what this is, something about password security), and then format with a different filesystem and use that one after encrypting. He also mentioned setting up encryption to randomize keys on bootup for your temp files and pagefile, where your encryption passwords are stored.

Friend 2 said that dd with /dev/urandom, with a few passes to be safe, was a good idea and that TrueCrypt is trustworthy. He also recommended using a bootable USB OS over a hard drive.

Please criticize all of these assumptions as I am here to learn what is correct.

Name: Anonymous 2012-07-05 21:42

>>11

Oh right, and the stuff about a USB OS over an HDD OS is pointless. I guess if you want to be able to swallow your hard drive or keep all your data in your pocket any time your computer isn't on, but otherwise, with full disk encryption the integrity of your data is assured. Just put your boot partition on a USB stick or MicroSD card; that's the only partition that can't be encrypted. If you keep that on you at all times, then no one will be able to mess with the OS while the computer is off, so someone wouldn't be able to modify the kernel and mess with the scheme. People could still install hardware keyloggers and other hardware fuckery, so keep that in mind.

You can use keyfiles too, but it isn't really necessary in my opinion. The way AES-256 works, a 39-character completely random (or as "random" as it will get) ASCII passphrase is the maximum amount of security you can get. This will get transformed into a 32-byte key by the password-based key derivation function anyway, so after 39 ASCII characters you start running into collisions. Having >100-character passwords or multiple keyfiles won't do anything other than increase the risk of data loss when you forget the passphrase or lose the USB sticks the keyfiles are on.
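The 39-character figure in the post above, worked through as an added example (this is editor-supplied code, not something posted in the thread). It computes how many uniformly random symbols from a given alphabet are needed to reach the 256 bits of an AES-256 key, shows that entropy beyond that is capped by the 32-byte KDF output, and derives a key with PBKDF2-HMAC-SHA256 as a stand-in for whatever KDF a particular LUKS header uses (assumption: LUKS1 defaults to PBKDF2, LUKS2 to argon2id; the principle is the same). It also covers the "random salt" Friend 1 mentioned in the first post: the salt is a public, per-header random value that defeats precomputed tables, not extra secret entropy. The alphabet sizes, passphrases and salts below are constructed for the example.

```python
import hashlib
import math
import secrets
import string

# AES-256 key: 32 bytes = 256 bits. Whatever the passphrase length, the KDF
# emits this many bytes, so passphrase entropy beyond 256 bits never reaches
# the cipher.
KEY_BYTES = 32
KEY_BITS = KEY_BYTES * 8

# 95 printable ASCII characters: letters, digits, punctuation, and space.
PRINTABLE_ASCII = string.ascii_letters + string.digits + string.punctuation + " "


def passphrase_entropy_bits(length, alphabet_size):
    """Entropy (bits) of `length` symbols drawn uniformly at random from an
    alphabet of `alphabet_size` symbols: length * log2(alphabet_size)."""
    return length * math.log2(alphabet_size)


def chars_needed_for_key(alphabet_size, key_bits=KEY_BITS):
    """Smallest passphrase length whose entropy reaches the key size.
    For 95 printable ASCII characters this is 39, matching the post."""
    return math.ceil(key_bits / math.log2(alphabet_size))


def effective_key_bits(length, alphabet_size, key_bits=KEY_BITS):
    """Entropy that actually survives derivation: capped by the key size."""
    return min(passphrase_entropy_bits(length, alphabet_size), key_bits)


def generate_passphrase(length, alphabet=PRINTABLE_ASCII):
    """Uniformly random passphrase from the OS CSPRNG via `secrets`."""
    return "".join(secrets.choice(alphabet) for _ in range(length))


def derive_key(passphrase, salt, iterations=100_000, key_len=KEY_BYTES):
    """PBKDF2-HMAC-SHA256 stand-in for a LUKS header's KDF (assumption, see
    lead-in). `salt` is random per header and stored in the clear: it makes
    precomputed dictionaries useless but adds no secret entropy."""
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode("utf-8"),
                               salt, iterations, key_len)


if __name__ == "__main__":
    for name, size in (("printable ASCII", 95), ("lowercase only", 26),
                       ("hex digits", 16)):
        print(f"{name:16s}: {chars_needed_for_key(size):3d} chars reach {KEY_BITS} bits")

    salt = secrets.token_bytes(32)  # constructed: a fresh per-header salt
    for passphrase in (generate_passphrase(39), generate_passphrase(120)):
        key = derive_key(passphrase, salt)
        usable = effective_key_bits(len(passphrase), len(PRINTABLE_ASCII))
        print(f"{len(passphrase):3d} chars -> {usable:6.1f} usable bits, "
              f"key {key.hex()[:16]}... ({len(key)} bytes)")
```

Running it prints the 39/55/64 thresholds for printable ASCII, lowercase and hex alphabets, then shows that a 39-character and a 120-character passphrase both come out as a 32-byte key with at most 256 usable bits. The practical caveat the numbers hide: the bound only holds for passphrases that really are uniformly random over the alphabet; a 39-character sentence of English words has far less entropy than 256 bits, which is why the post insists on "completely random".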
