As far as I can tell, the only problem is that the encryption layer won't forward TRIM commands to the SSD by default because that can reveal some information about the data layout. I've been using full disk encryption on an SSD for a year and while the write speed got somewhat slower over time, it's still better than a hard drive, and overall the system feels responsive. At the rate the cost/GB drops, I was intending from start to replace it after two years or less.
But here's the thing: If you use Linux with dm-crypt, you can set it to pass TRIM commands to the disk. It seems pretty safe, it's only that it will leak information about which blocks are actually used.
But here's the thing: If you use Linux with dm-crypt, you can set it to pass TRIM commands to the disk. It seems pretty safe, it's only that it will leak information about which blocks are actually used.
LE: Here's how to do it: https://wiki.archlinux.org/index.php/System_Encryption_with_...
reply