From owner-freebsd-fs@FreeBSD.ORG Fri Jul 15 11:58:13 2005 Return-Path: X-Original-To: freebsd-fs@FreeBSD.ORG Delivered-To: freebsd-fs@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 19DE116A41C for ; Fri, 15 Jul 2005 11:58:13 +0000 (GMT) (envelope-from olli@lurza.secnetix.de) Received: from lurza.secnetix.de (lurza.secnetix.de [83.120.8.8]) by mx1.FreeBSD.org (Postfix) with ESMTP id 68C1843D48 for ; Fri, 15 Jul 2005 11:58:12 +0000 (GMT) (envelope-from olli@lurza.secnetix.de) Received: from lurza.secnetix.de (jktuxo@localhost [127.0.0.1]) by lurza.secnetix.de (8.13.1/8.13.1) with ESMTP id j6FBw9Lc011931 for ; Fri, 15 Jul 2005 13:58:09 +0200 (CEST) (envelope-from oliver.fromme@secnetix.de) Received: (from olli@localhost) by lurza.secnetix.de (8.13.1/8.13.1/Submit) id j6FBw96T011930; Fri, 15 Jul 2005 13:58:09 +0200 (CEST) (envelope-from olli) Date: Fri, 15 Jul 2005 13:58:09 +0200 (CEST) Message-Id: <200507151158.j6FBw96T011930@lurza.secnetix.de> From: Oliver Fromme To: freebsd-fs@FreeBSD.ORG In-Reply-To: <200507151014.j6FAEDt02003@parrot.ebi.ac.uk> X-Newsgroups: list.freebsd-fs User-Agent: tin/1.5.4-20000523 ("1959") (UNIX) (FreeBSD/4.11-RELEASE (i386)) Cc: Subject: Re: gbde blackening feature - how can on disk keys be "destroyed" thoroughly? X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: freebsd-fs@FreeBSD.ORG List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 15 Jul 2005 11:58:13 -0000 David Kreil wrote: > [...] > So, even if one doesn't know how to disable device caching, if a typical disk > cash is 8MB, I suppose one could flush it through by writing 20MB. so, if one > has |key|20MB bla| on disk and one wrote |random|20MB bla| that should ge the > "random" bits overwriting the key on disk (but for hardware level sector > remapping but that is a rare event). One would have to bypass the operating > system cache though but I guess you would know how to do that, right? > This should take less than 1s on a modern disk, i.e., less than half a minute > for the entire procedure, x4 = 1-2 minutes, which should be fast enough for a > final destruction. That sounds like you want to overwrite the same location on the disk more than a hundred times. That's not even paranoid, it's completely pointless. I suggest you read this document, ESPECIALLY the section "Epilogue" near the end: http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html It suggests that -- with any modern hard disk drive -- a few passes (say three) of overwriting with random data are completely sufficient. Best regards Oliver -- Oliver Fromme, secnetix GmbH & Co KG, Marktplatz 29, 85567 Grafing Any opinions expressed in this message may be personal to the author and may not necessarily reflect the opinions of secnetix in any way. "I invented Ctrl-Alt-Delete, but Bill Gates made it famous." -- David Bradley, original IBM PC design team