alt Hacker News> Simply add random access times.
That doesn't work. Because the random times are uniformly distributed it's possible to remove it from the data by additional sampling. You do make it harder because you need a lot more data, but it's still possible to extract the signal, because the noise is uniform.
Replies
progval • today at 5:58 AM
The random times don't have to be uniformly distributed. Though it's enough for attackers to know the distribution to de-noisify it.
The interesting mitigation would be snapping I/O to a course clock.
You could then set it to hold the result until the next tick.
E.g. An I/O tick of 20ms, and it would only return on 20ms boundaries, then almost every SSD would look the same.
It would slow down the API a bit, but privacy has tradeoffs.