by deathanatos 3773 days ago
This requires intimate knowledge of how the disk is encrypted by the software, I imagine. Speculating:

One can imagine that it is possible, for unused blocks on the disk, to simply encrypt a zeroed-out block; essentially, initialize the disk to a state of random data. From the cryptotext, you wouldn't be able to know how much is used. However, for efficiency, I could see this not being done, and disk blocks that never saw use actually being zero.

That said, a previously-used-but-now-freed block might still contain the encrypted content, and just be unlinked from the filesystem. Unless freed sectors actually get zeroed, I would say that the number of non-zero blocks on the disk only indicates an upper bound on the data, and there may be less. (And thus, your backup might appear to have less data than the disk while still containing all the data.)

AFAIK, the filing doesn't elaborate, but I also haven't read all of the filing yet. Nor is this particular filing the only document in the case, and I sadly don't have access to the court documents. It would seem that in the United States, these are behind a paywall (see PACER), though I believe it should be legal to mirror them; it seems that archive.org is attempting to do this with their RECAP project, but they don't seem to have the case (or I can't find it).

The case ID is on the filing in my first post: "5:16-cm-00010-SP"; the format is described here[1]. Essentially, "5 <division of Riverside> :16 <last two digits of the year> -cm <"misc" case>-00010 <the case number, tenth of the year, I think?> -SP <no idea.>"

[1]: https://www.cacd.uscourts.gov/records
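
The three cases the comment above speculates about (never-used blocks left zero, freed blocks keeping stale ciphertext, a disk pre-filled with encrypted zeros), as an added example that is not part of the original comment. `ToyDisk`, `toy_encrypt` and the SHA-256 keystream are hypothetical stand-ins for illustration, not how any real disk encryption product works.

```python
import hashlib

BLOCK = 512  # bytes per block (constructed value)

def toy_encrypt(key: bytes, index: int, plaintext: bytes) -> bytes:
    """Toy per-block cipher: XOR with a SHA-256 keystream. Illustration only."""
    stream, counter = b"", 0
    while len(stream) < len(plaintext):
        seed = key + index.to_bytes(8, "big") + counter.to_bytes(4, "big")
        stream += hashlib.sha256(seed).digest()
        counter += 1
    return bytes(p ^ s for p, s in zip(plaintext, stream))

class ToyDisk:
    """Hypothetical block device that tracks which blocks the filesystem uses."""
    def __init__(self, blocks, key, prefill=False, zero_on_free=False):
        self.key, self.zero_on_free, self.live = key, zero_on_free, set()
        zero = bytes(BLOCK)
        # prefill=True: every block starts as an encrypted zero block.
        self.raw = [toy_encrypt(key, i, zero) if prefill else zero
                    for i in range(blocks)]

    def write(self, index, data):
        self.raw[index] = toy_encrypt(self.key, index, data.ljust(BLOCK, b"\0"))
        self.live.add(index)

    def free(self, index):
        # Unlink only; stale ciphertext stays unless zero_on_free is set.
        self.live.discard(index)
        if self.zero_on_free:
            self.raw[index] = bytes(BLOCK)

def nonzero_blocks(disk):
    """What an examiner without the key can count on the raw image."""
    return sum(1 for block in disk.raw if any(block))

def scenario(prefill, zero_on_free):
    """Write 10 blocks, free 4; return (live blocks, non-zero raw blocks)."""
    disk = ToyDisk(64, b"constructed-key", prefill, zero_on_free)
    for i in range(10):
        disk.write(i, b"file data %d" % i)
    for i in range(4):
        disk.free(i)
    return len(disk.live), nonzero_blocks(disk)

if __name__ == "__main__":
    print("no prefill, no zeroing:", scenario(False, False))
    print("no prefill, zero on free:", scenario(False, True))
    print("prefilled disk:", scenario(True, False))
```

Only when freed blocks are zeroed does the non-zero count equal the live data; otherwise it is an upper bound, and on a pre-filled disk it says nothing about usage.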

1 comments

My understanding is that the device has iOS 7 and full disk encryption wasn't enabled by default until iOS 8. Do we actually know if the file system is encrypted?