On 22/06/17 01:02, Ruediger Meier wrote: > On Sunday 18 June 2017, Pádraig Brady wrote: >> tag 27420 notabug >> close 27420 >> stop >> >> On 18/06/17 00:22, John Shearing wrote: >>> favorite >>> <https://raspberrypi.stackexchange.com/questions/68635/self-destruc >>> t-self-erase-of-all-data-on-sd-card-using-shred-dd-or-some-other#> >>> >>> I will be using a raspberry pi as an air-gapped computer to make >>> secure encrypted transactions on the Ethereum BlockChain. Once in >>> awhile I will want to update the software I am using which will >>> mean taking the SD card out of the pi and inserting it into a >>> laptop computer which is connected to the Internet. I would like to >>> use some program or command line utility on the raspberry pi to >>> securely erase everything on the SD card before removing it as this >>> will eliminate all possibility of sensitive information being read >>> off the SD card by bad actors which may have compromised my laptop. >>> >>> The following command typed in at the pi terminal conveys the idea >>> of what I hope to accomplish: >>> shred --verbose *.* >>> >>> Is this possible using shred? >> >> shred already supports passing multiple files, however >> you would be much safer shredding at the device level, >> since there is all sort of reallocation etc. happening within >> filesystems. I.E. something along the lines of: >> >> SDCARD=/dev/sdb1 >> umount $SDCARD >> shred --verbose $SDCARD >> mkfs.ext4 $SDCARD >> >> Note you can partition the SDCARD if there only a portion that >> you want to destructively recreate like this. > > Does schred support SSD on the lowlevel? I don't think you can truly > wipe na SSD by overwriting it, especially if you would overwrite only a > file or partition
This is a good point and already mentioned in the shred info docs. That mainly protects against sophisticated access to the device though, whereas the case here is for standard access (through a compromised laptop). cheers, Pádraig