| Rich Freeman on 8 Jul 2016 07:40:29 -0700 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
| Re: [PLUG] RAID striping |
On Fri, Jul 8, 2016 at 9:07 AM, Eric H. Johnson <ejohnson@camalytics.com> wrote: > > Got an odd question from a client that I do not know the answer to. They are > trying to dispose of some old servers having 6 drives in a RAID 5 > configuration. One of the drives in one of the sets is bad, which could be > the head rather than the readability of the media. The wipe program used can > wipe the other five drives, but not the bad drive. The question is how > striping works. Is that on a word basis, sector basis, block basis etc. IOW, > without the other 5 drives, could any meaningful information be extracted > from the bad drive if anyone actually was determined enough to try? > Setting aside the good advice to destroy a drive if you can't wipe it... In traditional raid (including mdadm) the data will be striped across all your drives in stripes. So for any particular byte on the drive parts of the byte are stored on all of the drives in the array. Generally speaking it should not be possible to reconstruct any data from a single drive in a 6-drive raid5. However, there certainly could be exceptions to that. If you had data with a very low density (imagine a file where you stored one bit surrounded by zeros in every few MB range of a file), then it probably would be possible to read the file from a single drive (most likely the encoded version of the file would be identical in all blocks except where a 1 was stored, with no more than one bit per stripe, so you can read it off by the presence/absence of the one/zero pattern). Besides the space savings, this is why there is often a security benefit to compressing files before encrypting them (something built into many encryption programs). When you're only storing a few bits of data per block of encoding things can sometimes break down. And unlike crypto systems the raid algorithms are probably not engineered to avoid leaking information (if anything, you want a raid to be as easy to recover as possible). I'm sure there are other things that would cause it to break down, like files with internal relationships (maybe you can narrow down every byte in a file to a list of certain possibilities, and then relationships within the file let you narrow that down further). So, if your threat model is credit card thieves and such, you probably don't need to worry. If you're storing highly valuable data or the NSA is interested in you, I wouldn't take chances. -- Rich ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug