From owner-freebsd-security Thu Nov 18 22:57:45 1999 Delivered-To: freebsd-security@freebsd.org Received: from ind.alcatel.com (postal.xylan.com [208.8.0.248]) by hub.freebsd.org (Postfix) with ESMTP id 7715C15592; Thu, 18 Nov 1999 22:57:42 -0800 (PST) (envelope-from wes@softweyr.com) Received: from mailhub.xylan.com (mailhub [198.206.181.70]) by ind.alcatel.com (8.9.3+Sun/8.9.1 (ind.alcatel.com 3.0 [OUT])) with SMTP id WAA26709; Thu, 18 Nov 1999 22:57:41 -0800 (PST) X-Origination-Site: <ind.alcatel.com> Received: from omni.xylan.com by mailhub.xylan.com (SMI-8.6/SMI-SVR4 (mailhub 2.1 [HUB])) id WAA02302; Thu, 18 Nov 1999 22:57:41 -0800 Received: from softweyr.com ([204.68.178.39]) by omni.xylan.com (4.1/SMI-4.1 (xylan engr [SPOOL])) id AA20912; Thu, 18 Nov 99 22:57:37 PST Message-Id: <3834F4E0.AE012B12@softweyr.com> Date: Thu, 18 Nov 1999 23:57:36 -0700 From: Wes Peters <wes@softweyr.com> Organization: Softweyr LLC X-Mailer: Mozilla 4.7 [en] (X11; U; FreeBSD 3.1-RELEASE i386) X-Accept-Language: en Mime-Version: 1.0 To: Kris Kennaway <kris@hub.freebsd.org> Cc: TrouBle <trouble@netquick.net>, freebsd-security@FreeBSD.ORG Subject: Re: secure filesystem wiping References: <Pine.BSF.4.21.9911181733060.38437-100000@hub.freebsd.org> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Kris Kennaway wrote: > > > I don't understand why you think that the person who wrote the Linux tool > is privy to some kind of enlightened knowledge which us poor FreeBSD'ers > (and the security researches who authored the aforementioned papers on > secure deletion) aren't. If Wes Peters wrote some impressive drivel to > attach to his 'obliterate' program about how kick-arse it is, would it > make you happier? In fact, wipe uses the same overwrite algorithm obliterate does. The problem is trouBle seems to have assumed wipe has a really neat feature that just isn't there: the ability to zot disk sectors that are not currently allocated, on a live filesystem. This is a neat idea, but well past my knowlege of filesystems at this time. > AXIOM 1) take all claims made by the vendor about the abilities of > their software with a very large handful of NaCl. > > Exercise for the novice reader: apply Axiom 1 to the Linux 'wipe' program. > > Exercise 2: apply axiom 1 to the secure deletion utility "FileSpanker" > which can be found at http://www.freebsd.org/~kris/filespanker.sh Snort. -- "Where am I, and what am I doing in this handbasket?" Wes Peters Softweyr LLC wes@softweyr.com http://softweyr.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message