Secure erasing Info (fwd from richard at SCL.UTAH.EDU)
Jason Holt
jason at lunkwill.org
Mon May 2 14:19:02 PDT 2005
On Mon, 2 May 2005, sunder wrote:
> Yeah, but these days, I'd go with the largest flash drive I could
> afford. USB2 or otherwise. I don't believe you can recover data from
> these once you actually overwrite the bits (anyone out there know any
> different?).
There are lots of pitfalls in secure erasure, even without considering
physical media attacks. Your filesystem may not overwrite data on the same
blocks used to write the data originally, for instance. Plaintext may be left
in the journal and elsewhere. Even filling up the disk may not do it, as some
filesystems keep blocks in reserve. I did a demo a few years ago where I
wrote plaintext, overwrote, then dumped the filesystem blocks out and found
parts of the plaintext.
For anybody who hasn't read it, the Gutmann paper is "Secure Deletion of Data
from Magnetic and Solid-State Memory", and is highly recommended. He shows
that even RAM isn't safe against physical media attacks.
-J
More information about the cypherpunks-legacy
mailing list