[NCLUG] linux laptop
Kevin H. Olson
kholson67 at gmail.com
Fri Mar 25 09:42:49 MDT 2011
On 3/24/2011 7:36 PM, Maxwell Spangler wrote:
> On Thu, 2011-03-24 at 13:27 -0600, Sean Reifschneider wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> On 03/17/2011 12:01 AM, Kevin H. Olson wrote:
>>> I would recommend investigating a hardware based encryption over
>>> software. The speed difference can be substantial. I have an IBM Laptop
>> Interesting... I've been running dm_crypt on my laptop for 5 years or so
>> and I can't remember the last time I noticed the performance impact. Even
>> on the Pentium M 1.8GHz I used to have, I just didn't notice the overhead
>> of crypto.
> I run it on a Pentium M 1.5GHz from 2004 -- can't tell the difference
> either. I feel a lot better knowing that if my laptop gets stolen the
> data is inaccessable.
>
It is certainly possible the algorithms are sufficiently advanced that
little performance degradation is now noticed. When we first looked at
whether to go with HW or SW encryption for our use, we did some timing
measurements, and found in our case sufficient difference to warrant the
HW encryption. Unfortunately, I do not have those data available or I
would share them. Our use case is primarily SW development, so we have a
lot of disk activity during compilation with small files, so I don't
know if that makes a difference. Several of our machines are dual-boot,
so the HW encryption protects all of the partitions without other
intervention.
I also like the fact the machine cannot be booted without entering the
key. Even if one has a boot disk for the CD-ROM, it is still necessary
to know the key in order to access the hard drive at all.
Nonetheless, it is interesting to note the number of people who are
happy with the SW encryption, so perhaps I should investigate that for
my home server.
I always appreciate the insights from this list!
More information about the NCLUG
mailing list