Rich Freeman on 8 Jul 2016 07:40:29 -0700


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] RAID striping


On Fri, Jul 8, 2016 at 9:07 AM, Eric H. Johnson <ejohnson@camalytics.com> wrote:
>
> Got an odd question from a client that I do not know the answer to. They are
> trying to dispose of some old servers having 6 drives in a RAID 5
> configuration. One of the drives in one of the sets is bad, which could be
> the head rather than the readability of the media. The wipe program used can
> wipe the other five drives, but not the bad drive. The question is how
> striping works. Is that on a word basis, sector basis, block basis etc. IOW,
> without the other 5 drives, could any meaningful information be extracted
> from the bad drive if anyone actually was determined enough to try?
>

Setting aside the good advice to destroy a drive if you can't wipe it...

In traditional raid (including mdadm) the data will be striped across
all your drives in stripes.  So for any particular byte on the drive
parts of the byte are stored on all of the drives in the array.

Generally speaking it should not be possible to reconstruct any data
from a single drive in a 6-drive raid5.

However, there certainly could be exceptions to that.  If you had data
with a very low density (imagine a file where you stored one bit
surrounded by zeros in every few MB range of a file), then it probably
would be possible to read the file from a single drive (most likely
the encoded version of the file would be identical in all blocks
except where a 1 was stored, with no more than one bit per stripe, so
you can read it off by the presence/absence of the one/zero pattern).
Besides the space savings, this is why there is often a security
benefit to compressing files before encrypting them (something built
into many encryption programs).  When you're only storing a few bits
of data per block of encoding things can sometimes break down.  And
unlike crypto systems the raid algorithms are probably not engineered
to avoid leaking information (if anything, you want a raid to be as
easy to recover as possible).

I'm sure there are other things that would cause it to break down,
like files with internal relationships (maybe you can narrow down
every byte in a file to a list of certain possibilities, and then
relationships within the file let you narrow that down further).

So, if your threat model is credit card thieves and such, you probably
don't need to worry.  If you're storing highly valuable data or the
NSA is interested in you, I wouldn't take chances.

-- 
Rich
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug