On 9/25/12 2:55 PM, Greg Freemyer wrote:
On Tue, Sep 25, 2012 at 11:32 AM, Jim Flanagan <linuxjim@jjfiii.com> wrote:
On 9/17/12 6:58 PM, Greg Freemyer wrote:
All,
I was just thinking about file wiping tools in opensuse.
In general file wiping tools are used if you have an important file you want to wipe (overwrite) before deleting.
In the distro we have shred and wipe that do this, and in OBS we have srm and secure-delete (10 years old).
It is clearly an issue that people are concerned about, but none of them seem to even try to address:
- file remnants which maybe in the filesystem journal - backup copies of the files in snapshots (LVM, btrfs, ext4 snapshots) - wiping of unallocated space to overwrite earlier drafts which may have been deleted but are still in unallocated - SSDs and there potential for sector remapping during the write operation. - the swap partition can hold copies of data that is unencrypted in ram
I realize a none of the above are trivial, but it seems they should make some effort to at least warn the user of the issues.
Does opensuse have a file wiping tool that attempts to sanitize any of the above?
If so, I'd like to create a simple wiki page that covers this topic. At present it seems the page will mostly discuss issues, and not have much in the way of solutions.
Greg
I don't know about a tool, but I think writing random data to a drive should do the trick. Once, or maybe a couple of times.
I saw this in an article yesterday, not related to wiping per se, but should work.
-----
dd if=/dev/random of=/dev/sda – Writes Junk Onto a Hard Drive
That is obviously designed to wipe an entire drive, not spot clean a single file like srm, shred, and wipe can in theory do.
OK, I see more what you are looking for now. Wipe a singe file or directory. Hum. No sure about how Linux handles things, but on Windows, there are LOTS of remnants left over just by viewing a file. Delete and wipe a single file, and there are lots of places in Windows you can see what was opened, and some or all of what was in that file. All over the place. Perhaps Linux is not so sloppy (for lack of a better word). The only way I can see to get around this is whole drive encryption. With, or course, a very good password. The remnants would still be there but encrypted from prying eyes.
fyi: That will also abort on a write error. Not very cool if you want to ensure you're actually wiping the full drive.
I didn't realize it would abort on error. Definitely not optimal. Is there a command to add to force continue? Jim F -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org