Date: Fri, 21 May 1999 19:08:00 -0400 (EDT) From: Snob Art Genre <ben@narcissus.net> To: Patrick Bihan-Faou <patrick@mindstep.com> Cc: Darren Reed <darrenr@reed.wattle.id.au>, Gregory Sutter <gsutter@pobox.com>, wes@softweyr.com, imp@harmony.village.org, ilmar@ints.ru, posix1e@cyrus.watson.org, freebsd-security@FreeBSD.ORG Subject: Re: secure deletion Message-ID: <Pine.BSF.3.96.990521185533.42784B-100000@narcissus.net> In-Reply-To: <19990520145800.B5E31150AF@hub.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 20 May 1999, Patrick Bihan-Faou wrote: > - basic: what the original poster was suggesting: writing garbage data (be > it zero or some pattern) over the deleted chunks. The clear advantage of > that is that if you try to recover the freed blocks on a system comparable > to the original system, you will probably not get anything useful out of the > disk. If I understand correctly, it's conceivable that someone could break into my system over the network and get access to the raw disk device, and thereby read data that have been deleted but not overwritten. That's a good bit easier than physically breaking in and taking the disk. So I can see some use for functionality that overwrites files on unlink() thoroughly enough to prevent further reading by the disk head, even if it offers no protection against the kind of specialized reading devices that can be used on a captured hard disk platter. I'm not advocating this measure so much as pointing out that there is a perceptible level of security between what we currently have and military-grade. Ben @narcissus.net -- finally To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.990521185533.42784B-100000>