[cryptography] Just how bad is OpenSSL ?

Jeffrey Walton noloader at gmail.com
Wed Oct 31 17:25:08 EDT 2012


On Tue, Oct 30, 2012 at 11:29 AM, Thierry Moreau
<thierry.moreau at connotech.com> wrote:
> Solar Designer wrote:
>>
>> On Mon, Oct 29, 2012 at 04:06:58PM -0400, Jeffrey Walton wrote:
>>
>>> The OpenSSL cleanse() function will likely fail on BIOs created from
>>> storage and memory mapped files when used on SSDs due to write
>>> leveling and on-controller compression. If write leveling goes away,
>>> it looks like cleanse() will still fail due to compression. Hence the
>>> need for random, non-compressible data.
>>
>>
>> Not overwriting the same location may also happen due to journaling
>> filesystems.
>>
>
> Isn't memory-space cleanse() isolated from file system specifics except for
> the swap space?
>
> Is the SSD technology used for swap state in any of the OS distributions?
Its a standard upgrade option from the Apple Store:

  128GB Solid State Drive [Add $100.00]
  256GB Solid State Drive [Add $400.00]
  512GB Solid State Drive [Add $900.00]

SSDs are an option for Dell and Gateway (and likely many other manufactures).

I also know a few folks who have swapped out their SATA drives. All
Windows machines, though.

Jeff



More information about the cryptography mailing list