installation with encryption: erasing does nothing

Bug #1285247 reported by Patrik Nilsson
268
This bug affects 4 people
Affects Status Importance Assigned to Milestone
ubiquity (Ubuntu)
Confirmed
High
Dimitri John Ledkov

Bug Description

"Overwriting empty disk space" when installing with encryption ("encrypt the new Ubuntu GNOME installation for security" and "Use LVM with the new Ubuntu GNOME installation" checked) does nothing.

The same option installing Debian 7.4 takes 24h on the same computer.

ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: ubiquity (not installed)
ProcVersionSignature: Ubuntu 3.13.0-12.32-generic 3.13.4
Uname: Linux 3.13.0-12-generic i686
NonfreeKernelModules: wl
ApportVersion: 2.13.2-0ubuntu5
Architecture: i386
CurrentDesktop: GNOME
Date: Wed Feb 26 17:43:05 2014
InstallCmdLine: file=/cdrom/preseed/ubuntu-gnome.seed boot=casper initrd=/casper/initrd.lz quiet splash -- maybe-ubiquity
InstallationDate: Installed on 2014-02-26 (0 days ago)
InstallationMedia: Ubuntu-GNOME 14.04 "Trusty Tahr" - Alpha i386 (20140226)
SourcePackage: ubiquity
UpgradeStatus: No upgrade log present (probably fresh install)

Revision history for this message
Patrik Nilsson (nipatriknilsson) wrote :
information type: Private Security → Public Security
Changed in ubiquity (Ubuntu):
status: New → Confirmed
assignee: nobody → Dimitri John Ledkov (xnox)
Revision history for this message
Alberto Salvia Novella (es20490446e) wrote :

It renders essential features or functionality of the package (or a dependent one) broken.

Changed in ubiquity (Ubuntu):
importance: Undecided → High
Revision history for this message
Patrik Nilsson (nipatriknilsson) wrote :

Just to make sure we don't introduce another security issue: Erasing actually means randomizing content.

In command-line words:

dd if=/dev/urandom of=/dev/sdx

and make sure /dev/urandom is working during installation.

Revision history for this message
SamInside (sam-inside-89) wrote :

Hrmmmm... This exists since 2014 !!??
And it's not solved yet (2016)?

Please also see:
https://ubuntuforums.org/showthread.php?t=2330425&page=2&p=13549951#post13549951
and
https://bugs.launchpad.net/ubuntu/+source/ubiquity/+bug/1602155

@Patrik: better yet is to use "shred", it's faster than urandom.

Revision history for this message
SamInside (sam-inside-89) wrote :

Bug not yet solved in Focal 20.04.01
6 years old SECURITY bug.

To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.