Am Donnerstag 17 Juni 2010 schrieb Michael Lange: > Und aus http://wiki.ubuntuusers.de/wipe entnehme ich > > Wipe ist ein Kommandozeilenprogramm zum sicheren Löschen und > Überschreiben von Dateien, Ordnern und Device-Files (wie zum > Beispiel Partitionen). Dateien, die auf diese Weise entfernt > werden, können selbst mit forensischen Methoden der Spezialisten nicht > mehr wiederhergestellt werden und sind unwiderruflich zerstört. Im > Unterschied zu shred kann Wipe auch Ordner löschen und bietet ein paar > mehr Einstellungsmöglichkeiten. > > was nahelegt, dass der Vorposter doch prinzipiell recht hat. Nope. Siehe meine Erklärungen dazu. Und die Manpage von wipe: NOTE ABOUT JOURNALING FILESYSTEMS AND SOME RECOMMENDATIONS (JUNE 2004) Journaling filesystems (such as Ext3 or ReiserFS) are now being used by default by most Linux distributions. No secure deletion program that does filesystem-level calls can sanitize files on such filesystems, because sensitive data and metadata can be written to the journal, which can‐ not be readily accessed. Per-file secure deletion is bet‐ ter implemented in the operating system. [...] Be aware that harddisks are quite intelligent beasts those days. They transparently remap defective blocks. This means that the disk can keep an albeit corrupted (maybe slightly) but inaccessible and unerasable copy of some of your data. Modern disks are said to have about 100% trans‐ parent remapping capacity. You can have a look at recent discussions on Slashdot. [... Verschwörungstheoretische Überlegungen ...] IMPORTANT WARNING -- READ CAREFULLY [...] Similarly, we cannot guarantee that wipe will actually erase data, or that wiped data is not recoverable by advanced means. So if nasties get your secrets because you sold a wiped harddisk to someone you don't know, well, too bad for you. [...] The best way to sanitize a storage medium is to subject it to temperatures exceeding 1500K. As a cheap alternative, you might use wipe at your own risk. Be aware that it is very difficult to assess whether running wipe on a given file will actually wipe it -- it depends on an awful lot of factors, such as : the type of file system the file resides on (in particular, whether the file system is a journaling one or not), the type of storage medium used, and the least significant bit of the phase of the moon. Wiping over NFS or over a journalling filesystem (ReiserFS etc.) will most probably not work. Therefore I strongly recommend to call wipe directly on the corresponding block device with the appropriate options. However THIS IS AN EXTREMELY DANGEROUS THING TO DO. Be sure to be sober. Give the right options. In particular : don't wipe a whole harddisk (eg. wipe -kD /dev/hda is bad) since this will destroy your master boot record. Bad idea. Prefer wiping partitions (eg. wipe -kD /dev/hda2) is good, provided, of course, that you have backed up all necessary data. Das geht also ganz in die Richtung meiner Überlegungen, dass es gar nicht so leicht ist, zu sagen, ob wipe die Daten wirklich an Ort und Stelle überschreibt und ob es keine anderen Kopien durch Remapping defekter Blöcke und Ähnliches gibt. Ciao, -- Martin 'Helios' Steigerwald - http://www.Lichtvoll.de GPG: 03B0 0D6C 0040 0710 4AFA B82F 991B EAAC A599 84C7
Attachment:
signature.asc
Description: This is a digitally signed message part.