From owner-freebsd-security Thu May 20 23:42:13 1999
Message-Id: <3745003A.874424CD@softweyr.com>
Date: Fri, 21 May 1999 00:42:02 -0600
From: Wes Peters
Organization: Softweyr LLC
To: Darren Reed
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: secure deletion
References: <199905201013.UAA12994@avalon.reed.wattle.id.au>

Darren Reed wrote:
>
> So properly in this case means using memset rather than bzero and a
> variable number of passes, correct (with perhaps a programmable pattern) ?
> Being able to verify that the file's contents get nuked to the value the
> pass is meant to have set it to might be worthwhile.
>
> After the first pass, I'm not sure that there is any meaningful addition
> to the security of the erased data.

You're wrong here.

> Access to sophisticated machinery is required to circumvent it,

And anyone with $100 has access to that machinery -- disk recovery houses.
In some cases, you can read it from an ordinary controller; overwriting
disk blocks with zeros often doesn't erase the one bits enough to keep the
head from reading back the same data you were trying to overwrite.

> but if that is what you're trying to protect
> against then why fool yourself by deploying a level of security that is
> known to be less than Government bodies who physically destroying disks.
>
> I don't think you understand the problem properly if you think it can be
> coded "correctly" - what you're proposing just isn't possible via software
> where one overwrite is pretty much as good as multiple.

But one overwrite isn't anywhere near as good as multiples, especially if
you pay a little attention to how disk drives actually record data. The
real key is to rotate the individual bits between 1 and 0 multiple times
so you are erasing deeply into the recording media and not leaving
"generations" of data on the platter.

--
"Where am I, and what am I doing in this handbasket?"

Wes Peters                                                 Softweyr LLC
http://www.softweyr.com/~softweyr                      wes@softweyr.com
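
The scheme discussed in this thread (a variable number of passes, a programmable pattern, read-back verification, and bits flipped between 1 and 0 on successive passes) can be sketched as follows. This is an added example, not code from either poster or from FreeBSD; the names `overwrite_passes` and `SCHEDULE` and the pattern values are assumptions, and it only has the intended effect where the filesystem rewrites a file's blocks in place.

```c
#include <fcntl.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

#define CHUNK 4096

/* Assumed schedule: complementary bytes, so every bit flips on each pass. */
const unsigned char SCHEDULE[] = { 0x55, 0xAA, 0x55, 0xAA, 0x00 };

/* One pass: fill [0,len) with pat, flush, then read back and compare. */
static int one_pass(int fd, off_t len, unsigned char pat)
{
    unsigned char buf[CHUNK], chk[CHUNK];
    off_t off;
    ssize_t n;

    memset(buf, pat, sizeof buf);
    for (off = 0; off < len; off += n) {
        size_t want = len - off < CHUNK ? (size_t)(len - off) : CHUNK;
        if ((n = pwrite(fd, buf, want, off)) <= 0)
            return -1;
    }
    /* Without fsync, passes can coalesce in the buffer cache and only
     * the last pattern reaches the disk. */
    if (fsync(fd) != 0)
        return -1;
    for (off = 0; off < len; off += n) { /* verify; may be served from cache */
        size_t want = len - off < CHUNK ? (size_t)(len - off) : CHUNK;
        if ((n = pread(fd, chk, want, off)) <= 0 || memcmp(chk, buf, (size_t)n))
            return -1;
    }
    return 0;
}

/* Overwrite path in place once per pattern; returns verified passes or -1. */
int overwrite_passes(const char *path, const unsigned char *pats, size_t npats)
{
    struct stat st;
    size_t i = 0;
    int fd = open(path, O_RDWR);

    if (fd < 0)
        return -1;
    if (fstat(fd, &st) == 0 && S_ISREG(st.st_mode))
        while (i < npats && one_pass(fd, st.st_size, pats[i]) == 0)
            i++;
    close(fd);
    return (npats > 0 && i == npats) ? (int)npats : -1;
}
```

The caller unlinks the file only after `overwrite_passes` reports every pass verified; a `-1` leaves the file in place so the failure is visible.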