Date: Fri, 28 Nov 2003 00:14:49 -0800 From: Wes Peters <wes@softweyr.com> To: "Poul-Henning Kamp" <phk@phk.freebsd.dk>, Stefan =?iso-8859-1?q?E=DFer?= <se@freebsd.org> Cc: freebsd-hackers@freebsd.org Subject: Re: "secure" file flag? Message-ID: <200311280014.49356.wes@softweyr.com> In-Reply-To: <32476.1069741443@critter.freebsd.dk> References: <32476.1069741443@critter.freebsd.dk>
next in thread | previous in thread | raw e-mail | index | archive | help
On Monday 24 November 2003 10:24 pm, Poul-Henning Kamp wrote: > In message <20031124235738.GA4107@StefanEsser.FreeBSD.org>, Stefan > =?iso-8859-1 > > >And that is what this thread is about: Secure removal of data from > >storage media. There definitely is a difference between RLL (as in > >1,7i RLL) and modern PRML drives under this aspect. > > No there isn't. > > It's been proven again and again that you cannot reliably overwrite > data on a magnetic media. In particular the difference in read/write > geometry and lack of fine control over head placement makes this > impossible. > > The only reliable way to loose data is to encrypt them and throw the > key away. This is the conclusion I came to after pushing the idea around for months. If you want an interesting problem to work on, come up with a solution to the keying problem for disk encryption. It somehow needs to allow automated, unattended reboots during "normal" operations but prevent attackers from compromising the system. Maybe you could have the system send an SMS message when it needs a key, you reply with a one-time key from your mobile phone? While you're in there, paint that bikeshed blue. -- Where am I, and what am I doing in this handbasket? Wes Peters wes@softweyr.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200311280014.49356.wes>