Re: secure erasure of files?

From: Andreas Dilger (adilger@turbolabs.com)
Date: Tue Feb 19 2002 - 15:01:27 EST


On Feb 19, 2002 19:48 +0100, Rogier Wolff wrote:
> Maybe the difference is in "what's the goal". For datarecovery we
> don't really care about just a couple of bits here and there: We want
> to piece together the whole thing.
>
> If you don't want a piece of your data getting into wrong hands
> however, you'd better be safe than sorry.
>
> So I (and the Ibas guy) are talking about practical recovery of a
> useful amount of data, while even a couple of bits is in theory
> dangerous if you really want it "gone".

So, as others have said, if your data is so important that you are
worried about people taking the platter and putting it under a
scanning-tunneling microscope (or whatever is in vogue) to recover
deleted data, then you should be one million times as worried about
undeleted data on the same disk (i.e. what happens if they steal or
copy the disk _before_ you delete this precious data).

The net result is that this data should never hit the disk unencrypted
in the first place, at which point you don't need to worry about the
deletion step. You have encrypted swap and encrypted loopback filesystems,
and you have proper procedure to ensure the keys are safe, and all is well.

Cheers, Andreas

--
Andreas Dilger
http://sourceforge.net/projects/ext2resize/
http://www-mddsp.enel.ucalgary.ca/People/adilger/

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/



This archive was generated by hypermail 2b29 : Sat Feb 23 2002 - 21:00:21 EST