lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <200412170424.24427.thomas.greene@theregister.co.uk>
Date: Fri, 17 Dec 2004 04:24:24 -0500
From: "Thomas C. Greene" <thomas.greene@...register.co.uk>
To: David Cannings <lists@...ca.net>, bugtraq@...urityfocus.com
Subject: Re: *nix data wipe tools


BCWipe for *nix is a bit complicated for novices.  AFAIK, it does not 
automatically do swapoff, mkswap & swapon, so some users will either not wipe 
their swap device (most likely), or will wipe it and fail to get it working 
again.  My humble WipeSwap script -- all eleven lines of it -- will 
automatically detect the swap device, turn it off, wipe it, re-create it, and 
turn it back on for you.  Because it's easy to use and safe, more users will 
be encouraged to clean out that rat's nest of data traces now and then.

Also, BCWipe can be dangerous in some hands: a simple typo, and there goes a 
working disk volume.  My scripts are separate and clearly labeled.  It's 
impossible to destroy data with the WipeSwap or WipeFree scripts.  Only the 
WipeAll script will do that, and it's disabled by default.  Thus, unless you 
are at least an experienced user, you will have to read the README to get 
that one working.  

Furthermore, my scripts (http://basicsec.org/tools.html) are incredibly simple 
and totally transparent.  Almost anyone can understand what they do.  You 
don't have to take my word for *anything*.  

OTOH, BCWipe uses a more secure wiping routine, they say.  But once you've 
gone from merely deleting to filling with several passes of random data, 
there is little more to get out of a software solution, except a false sense 
of security.  The next logical level, really, is physical destruction.  

Still, there is always room for improvement, and several list members have 
made excellent suggestions for improving the scripts.  I'll be posting 
updated versions in a few weeks' time, as soon as i get them all tested on 
enough different systems.

chrz,
t.

On Thursday 16 December 2004 15:06, David Cannings wrote:
> Is there any specific advantage of these scripts over bcwipe?
>
> http://www.jetico.com/index.htm#/bcwipe_unix.htm
>
> David





Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ