From owner-freebsd-security Tue Jun 29 4:15:43 1999 Delivered-To: freebsd-security@freebsd.org Received: from ns1.yes.no (ns1.yes.no [195.204.136.10]) by hub.freebsd.org (Postfix) with ESMTP id A1C1914C87 for ; Tue, 29 Jun 1999 04:15:32 -0700 (PDT) (envelope-from eivind@bitbox.follo.net) Received: from bitbox.follo.net (bitbox.follo.net [195.204.143.218]) by ns1.yes.no (8.9.1a/8.9.1) with ESMTP id NAA22862; Tue, 29 Jun 1999 13:15:30 +0200 (CEST) Received: (from eivind@localhost) by bitbox.follo.net (8.8.8/8.8.6) id NAA61439; Tue, 29 Jun 1999 13:15:29 +0200 (MET DST) Date: Tue, 29 Jun 1999 13:15:29 +0200 From: Eivind Eklund To: Wes Peters Cc: cjclark@home.com, FreeBSD Security Subject: Re: Secure Deletion Message-ID: <19990629131529.A61249@bitbox.follo.net> References: <199906250212.WAA07810@cc942873-a.ewndsr1.nj.home.com> <3773F67A.CC9B6215@softweyr.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95.1i In-Reply-To: <3773F67A.CC9B6215@softweyr.com>; from Wes Peters on Fri, Jun 25, 1999 at 03:36:58PM -0600 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Fri, Jun 25, 1999 at 03:36:58PM -0600, Wes Peters wrote: > This won't do it, if you're really interested in obliterating the file > contents. What you want to do is overwrite the file blocks with ^^^^ disk > alternating patterns of 10101010 then 01010101 at least 100 times. > Due to the way modern recording formats work, and the memory of the > cells that actually store the bits on the disk, anything less won't > really erase the disk. More or less correct. There are a lot of details to this, and just writing 0x55/0xaa as normal data values won't make them hit the disk that way. Since what I have to write about this topic would just end up being a paraphrase of what Peter Gutmann has to say, I suggest you read the paper he presented at Usenix 1996: http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html Eivind. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message