Comment on Do you encrypt your data drives?
onlinepersona@programming.dev 6 months agoRecovering data from a corrupted, encrypted drive is way trickier than from a simply corrupted drive, I imagine.
Comment on Do you encrypt your data drives?
onlinepersona@programming.dev 6 months agoRecovering data from a corrupted, encrypted drive is way trickier than from a simply corrupted drive, I imagine.
peregus@lemmy.world 6 months ago
Why? What would be the problem?
P.s. Why did you link to the Anti Commercial-AI license?
onlinepersona@programming.dev 6 months ago
On linux, you’re probably using LUKS. That has a header with the keys at the beginning of each encrypted volume. If those keys (or key if you only have one) is corrupted and you don’t have a backup of that, you’re fucked.
The next problem is that data recovery tools mostly don’t support decryption. They scan regions or the entire drive for recognizable things like partition headers, partition tables, file types, etc. if those are encrypted, well…
If you are able to decrypt a partition, then it might work as it will show up like any other device in
/dev/mapper/and you could dorecovery /dev/mapper/HDD. However, I have no idea what data corruption does to encryption algorithms. If one part of what is being decrypted is faulty, what does that do to the entire thing?This mostly comes from a lack of knowledge on my part. IIRC encryption depends on hashsums -> if you change what’s being decrypted/encrypted, the entire hashsum is incorrect and thus all the data shouldn’t be able to be decrypted. But I might be wrong - I’ll gladly be wrong on this.
Anti Commercial-AI license
peregus@lemmy.world 6 months ago
I got it, thanks! I will rely on SnapRaid form redundancy and on backups on multiple devices/locations.
WolfLink@lemmy.ml 6 months ago
The way you recover data from a totally dead drive is use a program that scans every byte and looks for structures in the data that look like files e.g. a jpeg will have a header followed by some blocks of content. In an encrypted drive everything looks like random data.
Even if you have the key, you can’t begin searching through the data until it’s decrypted, and the kind of error that makes it so your drive won’t mount normally is likely to get in the way of decrypting normally as well.