Prev: pam_ssh for regular users only
Next: new notifications in squeeze
From: Aaron Toponce on 15 Jul 2010 18:00
On 07/15/2010 11:55 AM, H.S. wrote:
> I was looking for just making the already deleted files unrecoverable by
> a casual user. In other words, since a deleted file frees the space on
> disk, by filling up the disk with all zeros and then deleting that zeros
> file would be overwriting the earlier deleted files with zero. Am I
> correct in this?

If the filesystem is NTFS, then it's rather trivial to recover
overwritten data, due to the journal. While you're probably safe in
assuming that the next user won't bother doing anything like that, the
only way to truly, and securely remove the previous data, is to wipe out
the filesystem too, which means taking out the OS.

On the flip, I've been happy with "Eraser": http://eraser.heidi.ie/

Good luck.

--
. O . O . O . . O O . . . O .
. . O . O O O . O . O O . . O
O O O . O . . O O O O . O O O

From: Michael Iatrou on 15 Jul 2010 20:50
When the date was Thursday 15 of July 2010, green wrote:

> thib wrote at 2010-07-15 13:13 -0500:
> > Take a look at shred (coreutils), wipe and secure-delete.
>
> +1 wipe; I have used it to wipe an entire block device.
> Also wipe2fs for zeroing unused space; and zerofree seems very similar.

I am skeptical whether there is any good reason for tools like wipe2fs,
zerofree and friends (if there are any...), when a dd && sync && rm have the
same result.

--
Michael Iatrou


--
To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org
Archive: http://lists.debian.org/201007151946.47484.m.iatrou(a)freemail.gr
From: Jordon Bedwell on 15 Jul 2010 21:30
On 7/15/2010 4:53 PM, Aaron Toponce wrote:
> On 07/15/2010 11:55 AM, H.S. wrote:
>> I was looking for just making the already deleted files unrecoverable by
>> a casual user. In other words, since a deleted file frees the space on
>> disk, by filling up the disk with all zeros and then deleting that zeros
>> file would be overwriting the earlier deleted files with zero. Am I
>> correct in this?
>
> If the filesystem is NTFS, then it's rather trivial to recover
> overwritten data, due to the journal. While you're probably safe in
> assuming that the next user won't bother doing anything like that, the
> only way to truly, and securely remove the previous data, is to wipe out
> the filesystem too, which means taking out the OS.
>
> On the flip, I've been happy with "Eraser": http://eraser.heidi.ie/
>
> Good luck.
>

On 7/15/2010 4:53 PM, Aaron Toponce wrote:
> On 07/15/2010 11:55 AM, H.S. wrote:
>> I was looking for just making the already deleted files unrecoverable by
>> a casual user. In other words, since a deleted file frees the space on
>> disk, by filling up the disk with all zeros and then deleting that zeros
>> file would be overwriting the earlier deleted files with zero. Am I
>> correct in this?
>
> If the filesystem is NTFS, then it's rather trivial to recover
> overwritten data, due to the journal. While you're probably safe in
> assuming that the next user won't bother doing anything like that, the
> only way to truly, and securely remove the previous data, is to wipe out
> the filesystem too, which means taking out the OS.
>
> On the flip, I've been happy with "Eraser": http://eraser.heidi.ie/
>
> Good luck.
>

Anything, and I repeat anything, is recoverable, even if you remove the
filesystem you can recover pieces of the file. You can remove remnants
of the file using over write methods but you need to make sure they
properly implement the algorithm and do your own research on the
algorithms to make sure they were designed or were updated for modern
hard drives. EXP: Gutmann method was designed for older HD's and will
not work on newer HD's most of the time (depending on who implements
it). Now, removing remnants of the file doesn't make it unrecoverable
(in all circumstances), you might be able to still do a very low level
recovery, something they would generally reserve for say, a RICO
investigation, terrorists an those sorts. The only way to stop any and
all data leaks, recoveries or anything of the sort is to either Degauss,
Destroy or use Encryption on the drive from the get go and to be honest,
the only proper implementation of drive encryption (beyond the actual
encryption) would be RedHat (and this is only because they offer the
ability to span encryption across multiple drives and recommend it) and
no drive encryption (beyond truecrypt) offers deniability. Something
I've brought up on both Debian and Ubuntu and even to Redhat. As a
matter of fact, Ubuntu developers fought with me over the idea telling
me that only criminals could possibly want plausible deniability, but
Ubuntu is rather closed minded most of the time when it comes to this
sort of thing.


--
Cheers,

Jordon Bedwell
http://envygeeks.com


--
To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org
Archive: http://lists.debian.org/4C3FABB5.3050105(a)envygeeks.com
From: Jordan Metzmeier on 16 Jul 2010 09:00
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 07/15/2010 08:46 PM, Michael Iatrou wrote:
> I am skeptical whether there is any good reason for tools like wipe2fs,
> zerofree and friends (if there are any...), when a dd && sync && rm have the
> same result.
>

You could say this about many things. These commands make things
convenient. Why do those things manually when software can do it for you?

Example:

Under the same logic I could say that there no good reason for dget. I
can manually wget the .dsc, .tar.orig and .changes to accomplish the
same thing... but why when I can just dget the .dsc?

- --
Jordan Metzmeier

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iQIcBAEBCAAGBQJMQFdFAAoJEKj/C3qNthmTn5AQAMmaKvluxNTegvwDvy3KB9Zc
JSTVmhEIHclLe5PGpcUAWeapxndblGqTUuOYNvdbSzbBc8pOJrMCmfmNEqDs8A0M
oMYTcxJnTpbM/Wfn9IuehGMFIXfCc73h932Zt5XwNYHnPTjTfyQOFvm3ZNNNO31b
wYAsmA6fEnPUWYt6fZpO7I1xIt5zCnSKVdLdgBwDEXcW8I7BemiJw5gTSsy7zafF
USLkucuchyB1XrEffWwVpYBsWQu1A9ge5LZXquTUj6M42kiPovS38yL5ytw6k9rk
uFb+CgFwsQ8rRh2ndxuBUDzDMf2bAnuOKAzfCldHyjkNVABhZ4iJchV8lU6RvEEy
DoWj8DO8kAAX7qszeiPG6rviQ5S8uCYf4lp2QITGBq3Frly1JhEG0Kk8efSu0Rhh
TEbPQ2bLVcDxpwqk6xFMQ5GC575UgZYP8qSEq8qbF6H+KEIFRsHwwrwtNjwV4heE
E5X/hB9WnKBluXxdhMly48jEs8fjkYkz06DK+Ykk+t9Qu6y/9A+7js6D6Q3iVNy8
j8sf4hvKZtJC1WoLLAhpmsUsaurH+qFjf5j6480Xy9OweB5Dhhs3eaCrFZYKqHay
khXPVfsyl7Md//UeDrQGLk2kGXf5fC2MwqIZsZ5dhki89yzY3Ra4iLBukN3E+JcW
X8pzceBFE2AYGNn8h4AL
=fod2
-----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org
Archive: http://lists.debian.org/4C405746.6030106(a)gmail.com
From: green on 16 Jul 2010 11:10
Mark wrote at 2010-07-15 15:55 -0500:
> Do you have an example of what your wipe and wipe2fs commands are that
> you've used? Didn't see much info on the websites here
> [2]http://wipe.sourceforge.net/ or here

$ man wipe
There are even examples.

> [3]http://web.cecs.pdx.edu/~cklin/wipe2fs/. Would like to learn.

$ man wipe2fs

I'm not sure whether it is okay to do a readonly mount with wipe2fs, but it is
with zerofree.

$ man zerofree


If you don't understand the man pages, feel free to ask again.
First  |  Prev  |  Next  |  Last
Pages: 1 2 3 4 5
Prev: pam_ssh for regular users only
Next: new notifications in squeeze