Deutsch English Français Italiano |
<17c61ea455c5e0ad$6951$1416093$802601b3@news.usenetexpress.com> View for Bookmarking (what is this?) Look up another Usenet article |
From: Lester Thorpe <lt@gnu.rocks> Subject: Re: GNU/Linux is Best for Secure File Deletion Newsgroups: comp.os.linux.advocacy References: <17c5f82935bc92a9$138448$3565594$802601b3@news.usenetexpress.com> <uvf4cj$31huu$1@dont-email.me> Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Lines: 51 Path: ...!news.misty.com!weretis.net!feeder6.news.weretis.net!usenet.blueworldhosting.com!diablo1.usenet.blueworldhosting.com!feeder.usenetexpress.com!tr2.iad1.usenetexpress.com!news.usenetexpress.com!not-for-mail Date: Sun, 14 Apr 2024 10:26:39 +0000 Nntp-Posting-Date: Sun, 14 Apr 2024 10:26:39 +0000 X-Received-Bytes: 2276 Organization: UsenetExpress - www.usenetexpress.com X-Complaints-To: abuse@usenetexpress.com Message-Id: <17c61ea455c5e0ad$6951$1416093$802601b3@news.usenetexpress.com> Bytes: 2687 On Sat, 13 Apr 2024 23:27:15 -0000 (UTC), vallor wrote: > > SHRED(1) User Commands SHRED(1) > > NAME > shred - overwrite a file to hide its contents, and op‐ > tionally delete it > > SYNOPSIS > shred [OPTION]... FILE... > > DESCRIPTION > Overwrite the specified FILE(s) repeatedly, in order to > make it harder for even very expensive hardware probing > to recover the data. > srm is much better: DESCRIPTION srm is designed to delete data on mediums in a secure manner which can not be recovered by thiefs, law enforcement or other threats. The wipe algorythm is based on the paper "Secure Deletion of Data from Magnetic and Solid-State Memory" presented at the 6th Usenix Security Symposium by Peter Gutmann, one of the leading civilian cryptographers. The secure data deletion process of srm goes like this: * 1 pass with 0xff * 5 random passes. /dev/urandom is used for a secure RNG if available. * 27 passes with special values defined by Peter Gutmann. * 5 random passes. /dev/urandom is used for a secure RNG if available. * Rename the file to a random value * Truncate the file As an additional measure of security, the file is opened in O_SYNC mode and after each pass an fsync() call is done. srm writes 32k blocks for the purpose of speed, filling buffers of disk caches to force them to flush and overwriting old data which belonged to the file. ========== There is also "sswap" to perform a similar action on the swap file, although it is doubtful that swap is still used much, if at all, nowadays.