From: Aaron Toponce on 15 Jul 2010 18:00 On 07/15/2010 11:55 AM, H.S. wrote: > I was looking for just making the already deleted files unrecoverable by > a casual user. In other words, since a deleted file frees the space on > disk, by filling up the disk with all zeros and then deleting that zeros > file would be overwriting the earlier deleted files with zero. Am I > correct in this? If the filesystem is NTFS, then it's rather trivial to recover overwritten data, due to the journal. While you're probably safe in assuming that the next user won't bother doing anything like that, the only way to truly, and securely remove the previous data, is to wipe out the filesystem too, which means taking out the OS. On the flip, I've been happy with "Eraser": http://eraser.heidi.ie/ Good luck. -- . O . O . O . . O O . . . O . . . O . O O O . O . O O . . O O O O . O . . O O O O . O O O
From: Michael Iatrou on 15 Jul 2010 20:50 When the date was Thursday 15 of July 2010, green wrote: > thib wrote at 2010-07-15 13:13 -0500: > > Take a look at shred (coreutils), wipe and secure-delete. > > +1 wipe; I have used it to wipe an entire block device. > Also wipe2fs for zeroing unused space; and zerofree seems very similar. I am skeptical whether there is any good reason for tools like wipe2fs, zerofree and friends (if there are any...), when a dd && sync && rm have the same result. -- Michael Iatrou -- To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org Archive: http://lists.debian.org/201007151946.47484.m.iatrou(a)freemail.gr
From: Jordon Bedwell on 15 Jul 2010 21:30 On 7/15/2010 4:53 PM, Aaron Toponce wrote: > On 07/15/2010 11:55 AM, H.S. wrote: >> I was looking for just making the already deleted files unrecoverable by >> a casual user. In other words, since a deleted file frees the space on >> disk, by filling up the disk with all zeros and then deleting that zeros >> file would be overwriting the earlier deleted files with zero. Am I >> correct in this? > > If the filesystem is NTFS, then it's rather trivial to recover > overwritten data, due to the journal. While you're probably safe in > assuming that the next user won't bother doing anything like that, the > only way to truly, and securely remove the previous data, is to wipe out > the filesystem too, which means taking out the OS. > > On the flip, I've been happy with "Eraser": http://eraser.heidi.ie/ > > Good luck. > On 7/15/2010 4:53 PM, Aaron Toponce wrote: > On 07/15/2010 11:55 AM, H.S. wrote: >> I was looking for just making the already deleted files unrecoverable by >> a casual user. In other words, since a deleted file frees the space on >> disk, by filling up the disk with all zeros and then deleting that zeros >> file would be overwriting the earlier deleted files with zero. Am I >> correct in this? > > If the filesystem is NTFS, then it's rather trivial to recover > overwritten data, due to the journal. While you're probably safe in > assuming that the next user won't bother doing anything like that, the > only way to truly, and securely remove the previous data, is to wipe out > the filesystem too, which means taking out the OS. > > On the flip, I've been happy with "Eraser": http://eraser.heidi.ie/ > > Good luck. > Anything, and I repeat anything, is recoverable, even if you remove the filesystem you can recover pieces of the file. You can remove remnants of the file using over write methods but you need to make sure they properly implement the algorithm and do your own research on the algorithms to make sure they were designed or were updated for modern hard drives. EXP: Gutmann method was designed for older HD's and will not work on newer HD's most of the time (depending on who implements it). Now, removing remnants of the file doesn't make it unrecoverable (in all circumstances), you might be able to still do a very low level recovery, something they would generally reserve for say, a RICO investigation, terrorists an those sorts. The only way to stop any and all data leaks, recoveries or anything of the sort is to either Degauss, Destroy or use Encryption on the drive from the get go and to be honest, the only proper implementation of drive encryption (beyond the actual encryption) would be RedHat (and this is only because they offer the ability to span encryption across multiple drives and recommend it) and no drive encryption (beyond truecrypt) offers deniability. Something I've brought up on both Debian and Ubuntu and even to Redhat. As a matter of fact, Ubuntu developers fought with me over the idea telling me that only criminals could possibly want plausible deniability, but Ubuntu is rather closed minded most of the time when it comes to this sort of thing. -- Cheers, Jordon Bedwell http://envygeeks.com -- To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org Archive: http://lists.debian.org/4C3FABB5.3050105(a)envygeeks.com
From: Jordan Metzmeier on 16 Jul 2010 09:00 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 07/15/2010 08:46 PM, Michael Iatrou wrote: > I am skeptical whether there is any good reason for tools like wipe2fs, > zerofree and friends (if there are any...), when a dd && sync && rm have the > same result. > You could say this about many things. These commands make things convenient. Why do those things manually when software can do it for you? Example: Under the same logic I could say that there no good reason for dget. I can manually wget the .dsc, .tar.orig and .changes to accomplish the same thing... but why when I can just dget the .dsc? - -- Jordan Metzmeier -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iQIcBAEBCAAGBQJMQFdFAAoJEKj/C3qNthmTn5AQAMmaKvluxNTegvwDvy3KB9Zc JSTVmhEIHclLe5PGpcUAWeapxndblGqTUuOYNvdbSzbBc8pOJrMCmfmNEqDs8A0M oMYTcxJnTpbM/Wfn9IuehGMFIXfCc73h932Zt5XwNYHnPTjTfyQOFvm3ZNNNO31b wYAsmA6fEnPUWYt6fZpO7I1xIt5zCnSKVdLdgBwDEXcW8I7BemiJw5gTSsy7zafF USLkucuchyB1XrEffWwVpYBsWQu1A9ge5LZXquTUj6M42kiPovS38yL5ytw6k9rk uFb+CgFwsQ8rRh2ndxuBUDzDMf2bAnuOKAzfCldHyjkNVABhZ4iJchV8lU6RvEEy DoWj8DO8kAAX7qszeiPG6rviQ5S8uCYf4lp2QITGBq3Frly1JhEG0Kk8efSu0Rhh TEbPQ2bLVcDxpwqk6xFMQ5GC575UgZYP8qSEq8qbF6H+KEIFRsHwwrwtNjwV4heE E5X/hB9WnKBluXxdhMly48jEs8fjkYkz06DK+Ykk+t9Qu6y/9A+7js6D6Q3iVNy8 j8sf4hvKZtJC1WoLLAhpmsUsaurH+qFjf5j6480Xy9OweB5Dhhs3eaCrFZYKqHay khXPVfsyl7Md//UeDrQGLk2kGXf5fC2MwqIZsZ5dhki89yzY3Ra4iLBukN3E+JcW X8pzceBFE2AYGNn8h4AL =fod2 -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org Archive: http://lists.debian.org/4C405746.6030106(a)gmail.com
From: green on 16 Jul 2010 11:10 Mark wrote at 2010-07-15 15:55 -0500: > Do you have an example of what your wipe and wipe2fs commands are that > you've used? Didn't see much info on the websites here > [2]http://wipe.sourceforge.net/ or here $ man wipe There are even examples. > [3]http://web.cecs.pdx.edu/~cklin/wipe2fs/. Would like to learn. $ man wipe2fs I'm not sure whether it is okay to do a readonly mount with wipe2fs, but it is with zerofree. $ man zerofree If you don't understand the man pages, feel free to ask again.
First
|
Prev
|
Next
|
Last
Pages: 1 2 3 4 5 Prev: pam_ssh for regular users only Next: new notifications in squeeze |