Hacker News new | past | comments | ask | show | jobs | submit login

If you're doing FDE, you should be encrypting your backups as well. It can be relatively trivial, depending on your backup setup.



This is all good, until you get any kind of disk corruption. Good luck getting any of your data back.


If my encrypted disk becomes corrupted and then corrupts my unencrypted backup, what's the difference?


A good backup, e.g. Time machine, lets you restore feom before the corruption. A backup on an encrypted disk risks the entire backup volume being corrupted and unusable in one go, thus making it a very brittle backup.

I'm assuming that a corrupted encrypted file is totally unusable here, and now that I think more about it I'm not sure - encryption with chained blocks would mean errors have a larger affect than just at the error site, wouldn't it?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: