CRYPTO SHREDDING is the practice of rendering sensitive data unreadable by deliberately overwriting or deleting encryption keys used to secure that data. For example, an entire table of customer personal details could be encrypted using random keys for each record, with a different table storing the keys. If a customer exercised their “right to be forgotten,” we can simply delete the appropriate key, effectively “shredding” the encrypted data.
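The per-record scheme described in the post above, as an added example that is not part of the original post: it assumes the third-party Python `cryptography` package, and the table names, function names and sample records are constructed for illustration. One in-memory SQLite database stands in for what would be two separately managed stores.

```python
import os
import sqlite3
from cryptography.hazmat.primitives.ciphers.aead import AESGCM


def open_store():
    """Create the data table and the key table (hypothetical schema)."""
    db = sqlite3.connect(":memory:")
    # Ask SQLite to overwrite deleted content with zeros instead of only
    # unlinking it, so a deleted key does not linger in free pages.
    db.execute("PRAGMA secure_delete = ON")
    db.execute("CREATE TABLE customers (id INTEGER PRIMARY KEY, nonce BLOB, ciphertext BLOB)")
    db.execute("CREATE TABLE customer_keys (customer_id INTEGER PRIMARY KEY, key BLOB)")
    return db


def put_customer(db, customer_id, details):
    """Encrypt one record under its own fresh random key."""
    key = AESGCM.generate_key(bit_length=256)
    nonce = os.urandom(12)
    # The row id is authenticated as associated data, so a ciphertext
    # cannot be moved to another customer's row and still decrypt.
    aad = str(customer_id).encode()
    ciphertext = AESGCM(key).encrypt(nonce, details.encode(), aad)
    db.execute("INSERT INTO customers VALUES (?, ?, ?)", (customer_id, nonce, ciphertext))
    db.execute("INSERT INTO customer_keys VALUES (?, ?)", (customer_id, key))


def get_customer(db, customer_id):
    """Return the plaintext, or None if the record's key has been shredded."""
    row = db.execute(
        "SELECT c.nonce, c.ciphertext, k.key FROM customers c "
        "LEFT JOIN customer_keys k ON k.customer_id = c.id WHERE c.id = ?",
        (customer_id,),
    ).fetchone()
    if row is None:
        raise KeyError(customer_id)
    nonce, ciphertext, key = row
    if key is None:
        return None  # ciphertext row still exists, but nothing can open it
    return AESGCM(key).decrypt(nonce, ciphertext, str(customer_id).encode()).decode()


def forget_customer(db, customer_id):
    """Crypto-shred: delete only the key; the ciphertext row is left alone."""
    cur = db.execute("DELETE FROM customer_keys WHERE customer_id = ?", (customer_id,))
    return cur.rowcount == 1  # False if there was no key left to delete
```

The deletion only counts as shredding if no other copy of the key survives, so backups, replicas and exports of the key table need the same treatment as the live row.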

@njoseph_1 or you can overwrite your LUKS header, effectively "shredding" your whole encrypted disk.

It's a pretty powerful idea, and I think there are more interesting applications of it waiting to be discovered.

@Wolf480pl @njoseph_1 Like losing your data because you forgot to back up your LUKS header :smugsiptea:

@kitsune @njoseph_1 It's a feature, ok?

On a serious note:
I'm sorry if this happened to you.

However, the whole point of LUKS key-strips is that they can be easily destroyed, with very little chance that the key will survive.
(e.g. when you're in an oppressive country and the police enter your house)

All LUKS tutorials I've seen mention backing up the LUKS header... though I guess they could be more explicit about how important it is.

@Wolf480pl @njoseph_1 Well it didn't happen to me but it's way too easy to destroy your data with tools like dd if you're not careful.

@kitsune @njoseph_1 well, you'd have to run dd as root, and I think people kinda expect that touching /dev/sd* with dd as root can be dangerous.

There's lots of tools out there with which you can hurt yourself if you're not careful. But people who use them know they need to be careful, and generally are careful.

@kitsune @njoseph_1
lol I meant physical tools, like an angle grinder :P

@kitsune @njoseph_1
yeah, but when building a house, or doing some kinds of DIY stuff, chances are you're gonna need one. So people learn to use them and be careful with them.

@Wolf480pl @njoseph_1 Well you can be as careful as you want but accidents are bound to happen :smugsiptea:

A Mastodon instance running on ThoughtWorks infrastructure for its employees to interact with the Fediverse.