lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1094838111.20581.68.camel@localhost.localdomain>
Date: Fri, 10 Sep 2004 10:41:51 -0700
From: Jake Appelbaum <jacob@...elbaum.net>
To: "Thomas C. Greene" <thomas.greene@...register.co.uk>,
	bugtraq@...urityfocus.com
Subject: Re: New Data Wipe Tools

On Wed, 2004-09-08 at 17:10, Thomas C. Greene wrote:
> I've created a few simple shell scripts that use /dev/urandom to wipe data 
> from the swap partition, wipe unused disk space on the root partition, or 
> wipe an entire disk.  You'll find them at http://basicsec.org/tools.html.

While I think it's very useful to use a random source of data, you might
also want to try using 'aespipe' from the loop-aes package
(http://loop-aes.sf.net). You can pipe /dev/zero at aespipe. With random
keys you have a much faster source of data to fill the device.

Change the key each overwrite and overwrite a number of times.

> Data hygiene is generally easier on *nix because there are fewer hiding places 
> than on a Windows system, but there are no free wipe tools that i'm aware of.  
> So I got busy.

It only seems easier. But the data isn't gone per se.

> 
> This is not a perfect solution, but it's a step.  I'd be delighted to knows 
> from fellow list members what I might do to improve them.  The scripts are 
> freely available and freely modifyable (is "modifyable" a legitimate word?) 

I suggest at the very least, multiple overwrites. A single overwrite
isn't going to erase the data in an unrecoverable manner. It's better
than just rm'ing the file, but it's still recoverable. It really depends
on the threat you are worried about. If it's your kid sister, a simple
'rm -rf' might do. If it's a place where you're selling your hard drive
on ebay, you might want to wipe the entire drive*. If you're worried
that the FBI is going to kick down your door (and you haven't been
served just yet), you want to wipe the drive many times over. Then open
it, sand it down and put it in the microwave for effect :-)

Magnetic force microscopy is a threat that is very real for many people.

It would be of great help for you to read this paper:
http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html

You could also tell users to start off with proper disk encryption in
the first place. It doesn't matter as much about wiping a disk when all
of the data is encrypted. We can all dream, can't we?

If you are really interested, I suggest you also pick up a copy of
"Computer Forensics" by Kruse and Heiser.

* for the record I would not sell my hard drive on ebay with one wipe or
even with many. I know I have bought a few drives just to practice my
recovery skills, I am sure others do this as well.
-- 
Jake Appelbaum <jacob@...elbaum.net>

Download attachment "signature.asc" of type "application/pgp-signature" (156 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ