Thomas Delrue on 8 Jul 2016 08:13:05 -0700


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] RAID striping


I am always sceptical whenever anyone uses a reference to "but nothing
that rises to NSA level secrecy"... As if individuals don't have a
strong need for protection of information.

I'd argue that the people's information included in that payroll data
*does* reach those individuals' "NSA level of secrecy"... I doubt any of
them would like their data in the open...

If my info from your payroll data (I'm thinking that includes things
like SSN, DOB, and other PII) falls into someone else's hands, there
would be damage to me... therefore the data needs protection and proper
destruction.

On 07/08/2016 11:04 AM, Eric H. Johnson wrote:
> Rich,
> 
> Thanks for the detailed answer. The most sensitive data on these drives is
> payroll information that is several years old, but nothing that rises to NSA
> level secrecy.  :)
> 
> Regards,
> Eric
> 
> 
> Setting aside the good advice to destroy a drive if you can't wipe it...
> 
> In traditional raid (including mdadm) the data will be striped across all
> your drives in stripes.  So for any particular byte on the drive parts of
> the byte are stored on all of the drives in the array.
> 
> Generally speaking it should not be possible to reconstruct any data from a
> single drive in a 6-drive raid5.
> 
> However, there certainly could be exceptions to that.  If you had data with
> a very low density (imagine a file where you stored one bit surrounded by
> zeros in every few MB range of a file), then it probably would be possible
> to read the file from a single drive (most likely the encoded version of the
> file would be identical in all blocks except where a 1 was stored, with no
> more than one bit per stripe, so you can read it off by the presence/absence
> of the one/zero pattern).
> Besides the space savings, this is why there is often a security benefit to
> compressing files before encrypting them (something built into many
> encryption programs).  When you're only storing a few bits of data per block
> of encoding things can sometimes break down.  And unlike crypto systems the
> raid algorithms are probably not engineered to avoid leaking information (if
> anything, you want a raid to be as easy to recover as possible).
> 
> I'm sure there are other things that would cause it to break down, like
> files with internal relationships (maybe you can narrow down every byte in a
> file to a list of certain possibilities, and then relationships within the
> file let you narrow that down further).
> 
> So, if your threat model is credit card thieves and such, you probably don't
> need to worry.  If you're storing highly valuable data or the NSA is
> interested in you, I wouldn't take chances.
> 
> --
> Rich
> ___________________________________________________________________________
> Philadelphia Linux Users Group         --        http://www.phillylinux.org
> Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
> General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
> 
> ___________________________________________________________________________
> Philadelphia Linux Users Group         --        http://www.phillylinux.org
> Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
> General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
> 

Attachment: signature.asc
Description: OpenPGP digital signature

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug