[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [debian-knoppix] Re: Secure Deleting


On Wed, Nov 06, 2002 at 06:09:51PM +0100, Kester Habermann wrote:
> On Wed, Nov 06, 2002 at 05:32:56PM +0100, Nils Magnus wrote:

> > New files with zeroes is not a good idea. I recommend everyone to get
> > yourself a picture of a raster-ray-microscope in the magnectic spectrum
> > to see what is left after such attemps ... You most probably don't want
> > to write files to journaled partions if you need to delete them in a
> > secure manner on a by-file basis.
> > 
> > However, if your systems are not journaled, the dd-method is not too
> > bad, if you aren't too paranoid. Be sure to use if=/dev/urandom instead
> > of /dev/zero or /dev/random.
> I haven't handled the raster-ray-microscope but I don't think there's
> a big difference in using 0's or random bits if you only overwrite the
> data once. Your argument goes that writing 0s or 1s is insecure as you
> can see traces of the old value under the microscope. The same is
> possible with random data, as you know the new value. It's only more
> work as the known new data isn't the same everywhere. I'd say writing
> random data twice or more times could be secure.

"secure" is most often the wrong term. At least there is no commonly
accepted definition for that. In real life "security" can only be seen
as "comformance with an arbritraty chosen level of suitable measures".

If "secure" means for you

that your fellow Windows-User cannot read it anymore, moving a file into
the waste basket will do,

that your fellow PC-aware User cannot read it anymore, using rm should

that one of those guys who spend nights with hunting for unallocated
blocks in a partions, dd if=/dev/zero will do,

that you want to make sure that the company hired by your multi-million
competitor whose proprietary plans for making cheap coke from waste water
won't find those plans, use wipe (and don't write to journals),

that even those three-letter companies won't be able to read it, crush
it with a hammer, disassemble the parts, grind it through an industrial
strengh metal shredder, burn it, melt it and finally spit on it.

You decide, your milage may vary,


Nils Magnus
Program-Chair LinuxTag 2003 Free Conference Program

LinuxTag 2003: Where .com meets .org - magnus@linuxtag.org
debian-knoppix mailing list

Reply to: