[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <200412170424.24427.thomas.greene@theregister.co.uk>
Date: Fri, 17 Dec 2004 04:24:24 -0500
From: "Thomas C. Greene" <thomas.greene@...register.co.uk>
To: David Cannings <lists@...ca.net>, bugtraq@...urityfocus.com
Subject: Re: *nix data wipe tools
BCWipe for *nix is a bit complicated for novices. AFAIK, it does not
automatically do swapoff, mkswap & swapon, so some users will either not wipe
their swap device (most likely), or will wipe it and fail to get it working
again. My humble WipeSwap script -- all eleven lines of it -- will
automatically detect the swap device, turn it off, wipe it, re-create it, and
turn it back on for you. Because it's easy to use and safe, more users will
be encouraged to clean out that rat's nest of data traces now and then.
Also, BCWipe can be dangerous in some hands: a simple typo, and there goes a
working disk volume. My scripts are separate and clearly labeled. It's
impossible to destroy data with the WipeSwap or WipeFree scripts. Only the
WipeAll script will do that, and it's disabled by default. Thus, unless you
are at least an experienced user, you will have to read the README to get
that one working.
Furthermore, my scripts (http://basicsec.org/tools.html) are incredibly simple
and totally transparent. Almost anyone can understand what they do. You
don't have to take my word for *anything*.
OTOH, BCWipe uses a more secure wiping routine, they say. But once you've
gone from merely deleting to filling with several passes of random data,
there is little more to get out of a software solution, except a false sense
of security. The next logical level, really, is physical destruction.
Still, there is always room for improvement, and several list members have
made excellent suggestions for improving the scripts. I'll be posting
updated versions in a few weeks' time, as soon as i get them all tested on
enough different systems.
chrz,
t.
On Thursday 16 December 2004 15:06, David Cannings wrote:
> Is there any specific advantage of these scripts over bcwipe?
>
> http://www.jetico.com/index.htm#/bcwipe_unix.htm
>
> David
Powered by blists - more mailing lists