[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <54D0ED08.1010405@ahsoftware.de>
Date: Tue, 03 Feb 2015 16:45:12 +0100
From: Alexander Holler <holler@...oftware.de>
To: One Thousand Gnomes <gnomes@...rguk.ukuu.org.uk>
CC: linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 0/5] RFC: Offer a way for userspace to request real deletion
of files
Am 03.02.2015 um 16:15 schrieb One Thousand Gnomes:
>> What's the answer? Easy and obvious, just (try to) overwrite the contents
>> of a file by request from userspace. Filesystems do know where on the
>> storage they have written the contents to, so why not just let them delete
>> that stuff themself instead? It's almost unbelievable that this was not
>> already done in the past 30 years.
>
> Easy, obvious and wrong 8)
>
> The last PC hard disks that were defined to do what you told them where
> ST-506 MFM and RLL devices. IDE disks are basically 'disk emulators',
> SSDs vastly more so.
>
> An IDE disk can do what it likes with your I/O so long as your requests
> and returns are what the standard expects. So for example if you zero a
> sector its perfectly entitled to set a bit in a master index of zeroed
> sectors. You can't tell the difference and externally it looks like
> an ST506 disc with extensions. Even simple devices may well move blocks
> around to deal with bad blocks, or high usage spots to avoid having to
> keep rewriting the tracks either side.
>
> An SSD internally has minimal relationship to a disc. If you have the
> tools to write a file, write over it, discard it and then dump the flash
> chips you'll probably find it's still there.
>
> If you plug a Raspberry Pi into a modern large hard disk, the chances are
> the smarter end of the cable is the disk.
Thanks for the explanations, also I was aware of all that. But I still
hope some human sense on this list is still left and repeat it again:
This feature isn't about military security.
This feature isn't about military security.
This feature isn't about military security.
This feature isn't about military security.
It's meant to make it impossible for most (ordinary) people to recover
deleted contents. Including most black hats. Of course there might be
some governments, companies or similiar organizations with are able to
spend an unbelievable amount of resources to recover such stuff. Maybe
even some mentalist might be able to recover it. What do I know? But I
and most other people don't care for these use cases. They would be
happy if at least the most trivial cases to recover deleted contents
could be avoided.
Regards,
Alexander Holler
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists