[Nottingham] Secure deletion of files

Martin Garton martin at stupids.org
Thu May 26 12:50:13 BST 2005


On Thu, 2005-05-26 at 12:27 +0100, Jon Masters wrote:

> This comes back to my point about not trusting a disk's built in secure
> delete functionality either. If you have no control over the process,
> how do you /know/ it actually did what you asked (well, you could try
> doing the forensics bit yourself). No, the best thing in cases of
> security is always to assume the other guy can't get it right and you
> need to do it yourself. Or is that paranoia?

Well, you can't really trust any functionality that you can't verify.
All you can reasonably verify about a disk's behaviour is that after you
write to it you get the same data back when you read from it next time
(and even that is only shown inductively). It could be secretly keeping
previous versions of all the blocks somewhere.  If you really want the
data to be safely deleted it should have been written to a dm_crypt
partition mounted using a random key and unmounted only when you no
longer need the data. (Just make sure you don't have a crash or power
outage!)

Of course that assumes you can trust at least your processor and RAM and
probably more.

-- 
Martin.
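The scratch-partition approach Martin describes, as an added example that is not part of the original post: a dm-crypt "plain" mapping whose key is read straight from /dev/urandom, so the key exists only in kernel memory and is discarded when the mapping is closed (or lost on a crash or power cut, which is the caveat he mentions). The device path, mapping name, mount point and the modern `cryptsetup open --type plain` syntax are assumptions; the original 2005 syntax was `cryptsetup create`. Setting `DRY_RUN=1` prints the commands instead of running them, which also lets the script be checked without root or a real block device.

```shell
#!/bin/sh
# Ephemeral encrypted scratch volume (added example; assumes cryptsetup,
# mkfs.ext4 and mount are available and the caller is root).
# The key is 512 random bits read from /dev/urandom and never stored on disk.

SCRATCH_NAME="${SCRATCH_NAME:-scratch}"       # assumed mapping name
SCRATCH_MNT="${SCRATCH_MNT:-/mnt/scratch}"    # assumed mount point

# Run a command, or just print it when DRY_RUN=1.
run() {
    if [ "${DRY_RUN:-0}" = "1" ]; then
        printf '%s\n' "$*"
    else
        "$@"
    fi
}

# scratch_open DEVICE
# Maps DEVICE under /dev/mapper/$SCRATCH_NAME with a throwaway random key,
# formats it and mounts it. Everything written there is unreadable once the
# mapping is closed because no copy of the key exists anywhere.
scratch_open() {
    dev="$1"
    [ -n "$dev" ] || { echo "usage: scratch_open /dev/sdXY" >&2; return 1; }
    run cryptsetup open --type plain \
        --cipher aes-xts-plain64 --key-size 512 \
        --key-file /dev/urandom \
        "$dev" "$SCRATCH_NAME" || return 1
    run mkfs.ext4 -q "/dev/mapper/$SCRATCH_NAME" || return 1
    run mkdir -p "$SCRATCH_MNT" || return 1
    run mount "/dev/mapper/$SCRATCH_NAME" "$SCRATCH_MNT"
}

# scratch_close
# Unmounting and closing the mapping throws the key away; the ciphertext left
# on the partition is then indistinguishable from random data.
scratch_close() {
    run umount "$SCRATCH_MNT" || return 1
    run cryptsetup close "$SCRATCH_NAME"
}

# Example session (only executed when the script is run with a device argument):
#   scratch_open /dev/sdXY ... work in /mnt/scratch ... scratch_close
if [ -n "$1" ]; then
    scratch_open "$1"
fi
```

Because dm-crypt plain mode has no header, the mapping can never be reopened with the same key: there is nothing to "forget" later, which is the point. The flip side, as the post says, is that an unclean shutdown loses the data too, so anything that must survive should be copied out before `scratch_close`.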
