What is Digg?Sponsored by Dragon Age: Origins
Can't get enough Dragon Age: Origins? Check out new footage. view!
DragonAge.BioWare.com - EA presents BioWare's new dark fantasy epic Dragon Age: Origins. '9/10' from Game Informer.
39 Comments
- tuffy, on 10/12/2007, -2/+9"shred" is good for wiping whole partitions (/dev/hda1, etc.) but is no longer effective on modern filesystems that don't overwrite in-place. "man shred" and see for youself.
- realfinkployd, on 10/12/2007, -0/+4Gutmann's scheme has not been effective for years, it was specifically designed for drives that use RLL encoding, and none do anymore. You are better off writing patterns of random data to the drive.
You also cannot effectively wipe files on modern (read: post FAT32 & ext2) filesystems. Your only option there is to wipe the drive (or partition) itself. And even then, if your data is valuable enough to someone with resources, it is possible that it may be retrievable. Corporations really should not junk or sell old drives, but physically destroy them.
Bottom line, shred (and similar tools) are only good for securely deleting partitions and whole disks, not files. - echimu, on 10/12/2007, -0/+3Sorry,
Also don't forget to read http://www.cs.auckland.ac.nz/%7Epgut001/pubs/secure_del.html Secure Deletion of Data from Magnetic and Solid-State Memory - shakin, on 10/12/2007, -0/+3Yes, there is a trash can in both KDE and Gnome desktop environments. There is no trash can on the command line, but there isn't one there on Windows or OS X either. Just like those other operating systems you can choose to delete an item right away and avoid the trash bin. Shredding a file prevents forensics software from recovering it.
I guess you can make an alias for to use the trash bin on the command-line. Just have it run 'mv ~/.Trash' when you run 'rm'. - echimu, on 10/12/2007, -0/+3Most of these utilities are not effective (read as useless) only if :
* File system is log-structured or journaled filesystems, such as JFS, ReiserFS, XFS, Ext3 etc
* Your filesystems is RAID-based, compressed filesystem etc
* In addition, file system backups and remote mirrors may contain copies of the file that cannot be removed by these utilities.
Source: http://www.cyberciti.biz/nixcraft/vivek/blogger/2005/06/linux-how-to-delete-file-securely.php - detrate, on 10/12/2007, -3/+5eraser -- http://www.heidi.ie/eraser/download.php -- is good for windows
- stoops, on 10/12/2007, -1/+3similiar tool built into OS X as well called srm.
- coredump0x01, on 10/12/2007, -0/+2For wiping a windows partition, you can use the dd command under Knoppix. as root, enter 'dd if=/dev/urandom of=/dev/hda1' It fills the entire partition with random junk spewed by /dev/urandom. WARNING! DO NOT TRY THIS AT HOME AS IT WILL DESTROY ALL DATA TO THE POINT OF IRRECOVERABILITY!
- bytefoo, on 10/12/2007, -1/+3Yes, this won't securely destroy single files/directories on modern journaled filesystems.
- Bogtha, on 10/12/2007, -0/+2Flushing the buffers won't do any good. Tools like shred depend upon being able to overwrite the exact sectors that the files currently occupy. Modern journalled filesystems don't work this way - you might be overriting the file as far as the OS is concerned, but you aren't overwriting the sectors as far as the hard disk drive is concerned, which is what needs to be done for a secure deletion. Unlike older filesystems, the new data gets written to unused sectors, and then the filesystem is updated to point to the new sectors, leaving the old sectors intact and recoverable. The only way to perform a secure deletion is, as tuffy said, to overwrite the entire partition.
- Tux42, on 10/12/2007, -0/+1lol
I was thinking the same thing.
how about info the infotext command.
However, in defense of the article. This is news for people who have not heard of the shred program before.
Have a nice day :) - sumdog, on 08/22/2008, -0/+1This is very true. Software recovery firms can pull data several hundred if not thousands of layers deep. The way magnetic data is written to the drive makes permanent molecular imprints in the metal.
This is why the DOD puts old hard drives, tapes, etc in metal shredders. - sumdog, on 08/22/2008, -0/+1Agree entirely. If you have $500 and ship your drive off to a recovery company, they can pull data 100 layers deep. It takes a massive amount of overwriting, several thousand layers, to make data irrecoverable.
- inactive, on 10/12/2007, -1/+2the only secure delete that exists is a blow torch on the hd.
no exceptions, no arguments. - Bogtha, on 10/12/2007, -0/+1The system doesn't go kaboom, it just it acts like a normal deletion.
- v3xt0r, on 10/12/2007, -1/+2shred is nice w/ the ext2 File System, for those of you who also prefer to use ext2. =)
- colin7151, on 10/12/2007, -0/+1For anyone doing secure disk wiping in an Enterprise environment I would strongly recommend Whipdrive:
http://www.whitecanyon.com/wipedrive-erase-hard-drive.php
It is commercial software, but from my experience it is worth the $40 to get good support for RAID setups, something I have found DBAN lacking in. - pynej, on 10/12/2007, -0/+1The trash system in all OS's is really just a guise. All that happes is files are moved to a folder some place called trash. There is nothing special about it becides its name and ease of access. Gnome and KDE have simmaper systems. But console enviornments like Bash and Dos do not utilize thiss special folder and just delete things right away.
- starzinger, on 10/12/2007, -1/+1I use bcwipe, http://freshmeat.net/projects/bcwipe/
It uses Gutmann's principle of overwriting every file 35 times, very nice :)
Read more about Gutmann's scheme here:
http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html - shakin, on 10/12/2007, -1/+1The Krusader file manager for KDE (works elsewhere as well) has a built-in shred function. I don't know if it's more useful on modern file systems than the 'shred' program.
- boshaus, on 10/12/2007, -2/+2not a secure way to delete for some filesystems like reiserfs. try doing it on reiser4 and the system goes kaboom.
- rokka, on 10/12/2007, -1/+1I've always used ”wipe” for this. Does anyone know which is the better, e.g. more secure, program?
- linickx, on 10/12/2007, -0/+0http://www.thc.org/download.php?t=r&f=secure_delete-3.1.tar.gz - has always been my fav' Linux secure delete, the recursive deletion can be useful :-D
- portis, on 10/12/2007, -1/+1I wasn't referring to X like environments. I was referring to the shell prompt. In windows, there's the undelete command. What's the equivalent for it in Linux? I don't think there is one. So using 'Shred' for a typical system is a waste of time.
- argoff, on 10/12/2007, -0/+0For journaling filesystems I sometimes do .... "cat /dev/urandom > DELETEME ; sync ; sleep 1 ; rm -f DELETEME" .
This will fill up most of the empty spaces in the filesystem with random data, and then when it errors out after the fs fills up, it will sync it to disk and clear it back off. Be prepared to leave it overnight. Here I herd cat works better than "dd" because dd tries to use consecutive blocks. cat /dev/zero works several times faster, but isn't as secure, but if I do "cat /dev/zero > DELETEME ; sync ; sleep 1 ; shred -un1 DELETEME" it seems much faster from start to finish.
With shred, technically speaking if you do only 1 pass, someone could take out an electron microscope and try to read other passes on the same track, but in practice the cost to do that could easily be several hundred thousand dollars per drive, so you're probably pretty safe. Also, you should be root when you do this, because the OS seems to save some extra space on the drive for the administrative user. Finally, I would recommend doing a full fsck on your filesystem first and doing it in single user mode. If you fill up a partially damaged filesystem, or one in use by a database app - it could have ugly results. - doolittle, on 10/12/2007, -0/+0re: Bogtha - thanks, was a better explaination - it looks like another way to overwrite recently deallocated sectors is to create garbage data files and fill up your partition's remaining free space capacity.
- inactive, on 10/13/2007, -2/+1I'm tired of these god damned weekly articles on one website or another about "securely wiping your ***** with shred," especially because of the "small" caveat that they don't really work with journaling file systems, which is what 99.8% of readers use. Seriously, who the hell still uses ext2 for anything besides maybe boot partitions? When there's a shred-for-journaling-file-systems program, let me know. Until then, these articles are more useless than a weekly "juggling for three-armed transsexual midgets" article.
- doolittle, on 10/12/2007, -2/+1re:tuffy - running "sync" after the shred command should flush any disk buffers and / or FS journaling info.
- joeslice, on 10/12/2007, -6/+5talk about old news.... this has been in every Linux distro I've used.... If someone wrote an article called "LINUX: copying files with cp", I wonder if that would get dugg.
- Chromoly, on 10/12/2007, -6/+4securely see all files in your directory with "ls" it's amazing.
- Namain, on 10/12/2007, -3/+1Useful information, but not exactly news
- boshaus, on 10/12/2007, -2/+0well, mine tends to crash when I do it.. dunno why.
- macewan, on 10/12/2007, -5/+3no more whiteout? sounds good to me, my screen looks like *****.
- twistx, on 10/12/2007, -6/+3Are we going to see a front page story on the "man" command tomorrow?
- bullium, on 10/12/2007, -5/+1pretty nifty, I digg it...
- mjar81, on 10/12/2007, -5/+1what is "man"?
lol. j/k - frizop, on 10/12/2007, -6/+1This may be so, but acting like a 'know-it-all' on a INTERWEB forum won't get you any notice.
- portis, on 10/12/2007, -8/+2How do you undelete in Linux in the first place? There's no trash can.
- clos, on 10/12/2007, -10/+1wow 33 diggs to the front page, more impressed with that
© Digg Inc. 2009
— Content created and posted by Digg users is