Timeline for How to refresh decoy data on a plausible deniability dm-crypt scheme?
Current License: CC BY-SA 4.0
8 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Mar 24, 2023 at 21:11 | comment | added | LustreOne | Yes, e2fsck on the outer filesystem will definitely rewrite superblocks, and maybe group descriptors, bitmaps, and other in use metadata that overlaps with the inner filesystem. How much of this metadata in use at the end of the device depends on the formatting options. It is also possible (when first creating the outer filesystem at the full size) to specify options like "sparse_super2" to force all the metadata to be at the start of the volume. You can check which blocks are actually used with "dumpe2fs <outer>". | |
| Mar 24, 2023 at 21:06 | history | edited | LustreOne | CC BY-SA 4.0 |
clarify that e2fsck applies to outer filesystem
|
| Mar 23, 2023 at 8:47 | comment | added | ChennyStar | An other idea I had was to shrink the outer volume back to 20 GB, refreshing the data, then increase again the outer volume to 500 GB, and hoping the inner volume hasn't been damaged in the process. But again, I fear that increasing the outer volume back to 500 GB will create new copies of the superblock along the outer FS, and thus overwriting data of the inner FS | |
| Mar 23, 2023 at 8:47 | comment | added | ChennyStar |
until the next time that e2fsck was run on the filesystem : I suppose you talk about the outer filesystem. Until now I carefully avoided to use e2fsck on the outer filesystem, because I was scared that it would recreate the superblock copies that were initially on the space now occupied by the inner filesystem. It's my understanding that when you create an EXT4 filesystem, it puts copies of the superblock all along the disk. So when I created my inner FS, some of those copies of the outer FS's superblock are potentially overwritten. Does e2fsck on the outer FS recreate those copies ?
|
|
| Mar 23, 2023 at 8:47 | comment | added | ChennyStar |
If you wanted to be a bit more clever than just packing the inner volume at the end of the outer filesystem : I don't thing there's the need to be "more clever", because I also encrypted my outer volume in the first place and filld empty space with random data (before creating the inner volume). So there's nothing suspicious to see scrambled data at the end of the outer volume. At least that's my understanding.
|
|
| Mar 23, 2023 at 8:46 | comment | added | ChennyStar | Thanks. Marking this as an accepted answer, though I didn't test yet. But yes, that seems to be a promising approach. A few thoughts and questions : | |
| Mar 23, 2023 at 8:27 | vote | accept | ChennyStar | ||
| Mar 23, 2023 at 1:09 | history | answered | LustreOne | CC BY-SA 4.0 |