
What about shred(1)?


Posted Oct 13, 2011 8:57 UTC (Thu) by michaeljt (subscriber, #39183)
In reply to: What about shred(1)? by lemmings
Parent article: Securely deleting files from ext4 filesystems

> A FS defiling tool (or at a minimum dd if=/dev/zero of=crud; shred -u crud) can help remove those traces.

Even better if that is built deeper into the filesystem, especially so that it can use the built-in capabilities of SSD drives. Or then again, perhaps not - from the article, "Secure discard handles the deletion internally to the device - perhaps just by marking the relevant blocks unreadable until something else overwrites them - eliminating the need to perform extra I/O from the kernel." Doesn't sound quite as safe as immediately overwriting the space.



What about shred(1)?

Posted Oct 14, 2011 2:41 UTC (Fri) by zlynx (subscriber, #2285) [Link]

An SSD might not securely delete the contents when requested.

On the other hand, it will almost certainly not delete the data if you attempt to delete by overwriting, because of wear leveling.

So going with secure delete/TRIM which will probably work, against overwriting which will probably not work, the choice is clear.

What about shred(1)?

Posted Oct 14, 2011 3:02 UTC (Fri) by raven667 (subscriber, #5198) [Link]

The choice is clear, yes, use full-disk encryption... Tools like shred are probably not worth your time.

key management

Posted Oct 17, 2011 14:19 UTC (Mon) by jpnp (subscriber, #63341) [Link]

So now you've exchanged a media wiping problem for a key management problem, hardly a panacea.

key management

Posted Oct 17, 2011 21:50 UTC (Mon) by raven667 (subscriber, #5198) [Link]

Maybe not a panacea but a far more understandable and tractable problem.

The alternative is storing everything in the clear and then making bad assumptions about how the underlying technology works so that you can try and fail to wipe the data when required because you don't really control or understand the underlying storage.
