On 9/26/12 11:35 AM, Greg Freemyer wrote:
On Wed, Sep 26, 2012 at 11:06 AM, Jim Flanagan <linuxjim@jjfiii.com> wrote:
On 9/25/12 2:55 PM, Greg Freemyer wrote:
On Tue, Sep 25, 2012 at 11:32 AM, Jim Flanagan <linuxjim@jjfiii.com> wrote:
On 9/17/12 6:58 PM, Greg Freemyer wrote:
All,
I was just thinking about file wiping tools in opensuse.
In general file wiping tools are used if you have an important file you want to wipe (overwrite) before deleting.
In the distro we have shred and wipe that do this, and in OBS we have srm and secure-delete (10 years old).
It is clearly an issue that people are concerned about, but none of them seem to even try to address:
- file remnants which may be in the filesystem journal
- backup copies of the files in snapshots (LVM, btrfs, ext4 snapshots)
- wiping of unallocated space to overwrite earlier drafts which may have been deleted but are still in unallocated
- SSDs and their potential for sector remapping during the write operation
- the swap partition can hold copies of data that is unencrypted in RAM
I realize none of the above are trivial, but it seems they should make some effort to at least warn the user of the issues.
Does opensuse have a file wiping tool that attempts to sanitize any of the above?
If so, I'd like to create a simple wiki page that covers this topic. At present it seems the page will mostly discuss issues, and not have much in the way of solutions.
Greg
I don't know about a tool, but I think writing random data to a drive should do the trick. Once, or maybe a couple of times.
I saw this in an article yesterday, not related to wiping per se, but should work.
-----
dd if=/dev/random of=/dev/sda – Writes Junk Onto a Hard Drive
That is obviously designed to wipe an entire drive, not spot clean a single file like srm, shred, and wipe can in theory do.
OK, I see more what you are looking for now. Wipe a single file or directory. Hum. Not sure about how Linux handles things, but on Windows, there are LOTS of remnants left over just by viewing a file. Delete and wipe a single file, and there are lots of places in Windows you can see what was opened, and some or all of what was in that file. All over the place. Perhaps Linux is not so sloppy (for lack of a better word). The only way I can see to get around this is whole drive encryption. With, of course, a very good password. The remnants would still be there but encrypted from prying eyes.
fyi: That will also abort on a write error. Not very cool if you want to ensure you're actually wiping the full drive.
I didn't realize it would abort on error. Definitely not optimal. Is there a command to add to force continue?
Jim F
I "think" dd if=/dev/zero of=/dev/sda conv=noerror
But by design disk drives correct media errors on write by re-mapping the sectors.
Thus when you have a write error, either:
1) Your drive has run out of spare sectors to re-map to.
2) You have a controller / cable / power / etc. issue that is keeping the writes from working.
I have a client that does a lot of disk wiping via shred. I advise them that if a write error occurs, they should just physically destroy the drive instead of taking time to troubleshoot what the real cause of the problem is.
Greg
All this reminds me of all the hard drives in modern copy machines. These are almost all unencrypted, and unwiped. Huge amount of older or off-lease machines sitting in warehouses, or re-delivered to other customers, all with huge amounts of private data on the drives. This is criminal to not have a wipe solution built in to these copiers.
Jim F
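Added example, not part of any message in this thread: a pre-wipe check that reports which of the caveats listed in the first message apply before a single file is overwritten in place. The function names, the list of journaling filesystems and the warning wording are assumptions made for illustration; LVM snapshots and encrypted swap are not detected.

```shell
#!/bin/sh
# wipe_caveats FSTYPE ROTATIONAL SWAPS_FILE
#   FSTYPE      filesystem type holding the file
#   ROTATIONAL  1 = spinning disk, 0 = SSD/flash, anything else = unknown
#   SWAPS_FILE  file in /proc/swaps format (header, then one line per swap area)
wipe_caveats() {
    fstype=$1; rotational=$2; swaps=$3

    case "$fstype" in
        ext3|ext4|xfs|jfs|reiserfs)   # assumed list of journaling filesystems
            echo "journal: the $fstype journal may still hold remnants of the file" ;;
        btrfs)
            echo "cow: btrfs normally writes overwrites to new blocks; old blocks and snapshots keep the data" ;;
    esac

    case "$rotational" in
        1) ;;
        0) echo "ssd: the drive may remap sectors on write and leave the old copy in flash" ;;
        *) echo "ssd: could not tell whether the device is an SSD" ;;
    esac

    # Every non-empty line after the header is an active swap area.
    nswap=$(awk 'NR > 1 && NF { n++ } END { print n + 0 }' "$swaps" 2>/dev/null) || nswap=0
    if [ "${nswap:-0}" -gt 0 ]; then
        echo "swap: $nswap active swap area(s) may hold copies of data that was in RAM"
    fi

    # Always applies: overwriting one file never touches free space.
    echo "unallocated: earlier deleted drafts in free space are not touched"
    return 0
}

# wipe_caveats_for FILE: gather the inputs on a live Linux system (util-linux tools).
wipe_caveats_for() {
    fstype=$(findmnt -n -o FSTYPE -T "$1") || fstype=unknown
    src=$(findmnt -n -o SOURCE -T "$1") || src=
    src=${src%%\[*}                      # btrfs reports /dev/sdXN[/subvol]
    disk=$(lsblk -n -o PKNAME "$src" 2>/dev/null | head -n 1)
    rot=$(cat "/sys/block/$disk/queue/rotational" 2>/dev/null) || rot=unknown
    wipe_caveats "$fstype" "$rot" /proc/swaps
}
```

Run `wipe_caveats_for /path/to/file` before calling shred, wipe or srm on it; an empty device lookup is reported as "could not tell" rather than assumed safe.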