At 07:05 PM 5/8/2001 +0000, Dr. Evil wrote:
>Are there some disk wiping programs for Linux, which overwrite all
>data on a disk a few times, so it can't be recovered?

Yes, but be aware that any data erasing system that falls short of turning
the disk into a puddle by heating it beyond its melting point may allow a
remote possibility of data recovery. If it's a matter of life and death,
you're probably better off physically destroying the disk, especially if the
unauthorized entity trying to read your data is well funded. There's lots of
expensive equipment that can recover data on your disk long after it's
unreadable via conventional means. A new disk can be had for under $200
these days, and it's not very often that so much peace of mind can be had so
cheaply.

>Ideally, this
>should be an option on the mkfs command, like mkfs -w /dev/hda1.

Probably not. mkfs should do one thing and do it well. The destruction of
any existing filesystem is a side effect of making a new filesystem, and not
mkfs's intended function.

>mkfs
>has a -c option, but that doesn't do it, I think.

In most fsck implementations, -c typically does a read-only test for block
readability. Unreadable blocks are then marked as unavailable in the
filesystem metadata. On older disks that did not deal with bad blocks
internally, working around bad blocks was an important function of the
filesystem.

The program you're looking for is called GNU shred. It is included in GNU
fileutils 4.0.43 and perhaps earlier versions, which means it should be
available on most recent GNU based systems including GNU/Linux. Shred works
on both filesystems and block devices. It overwrites the file or block
device you specify 25 or more times with special patterns and random data
before optionally unlinking it.

From GNU shred's documentation:

The best way to remove something irretrievably is to destroy the media
it's on with acid, melt it down, or the like. For cheap removable media
like floppy disks, this is the preferred method. However, hard drives
are expensive and hard to melt, so the `shred' utility tries to achieve a
similar effect non-destructively.

This uses many overwrite passes, with the data patterns chosen to
maximize the damage they do to the old data. While this will work on
floppies, the patterns are designed for best effect on hard drives. For
more details, see the source code and Peter Gutmann's paper `Secure
Deletion of Data from Magnetic and Solid-State Memory', from the
proceedings of the Sixth USENIX Security Symposium (San Jose, California,
22-25 July, 1996). The paper is also available online
<http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html>.

Note that shred takes a long time to work its magic, especially if you shred
a large file or block device. GNU shred is good for use as a proactive
measure, but won't be of much use if you're planning to erase a disk only
when you see unauthorized hands reaching for it. If you anticipate such a
scenario, you should be storing the data in a filesystem on an encrypted block
device starting at its inception. If your data is important enough that
you're willing to go through this much trouble to permanently delete it, you
should be taking the additional precaution of keeping your filesystems and
swap on encrypted block devices even if you don't anticipate theft.

--
Brian Ristuccia
[EMAIL PROTECTED]
[EMAIL PROTECTED]
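
Added example, not part of the message above or of GNU shred's documentation: a shell check that overwrites a constructed 1 MiB image file (standing in for a block device) with shred and confirms a planted marker can no longer be read back. The marker string, the function names and the choice of -n 3 (to keep the run short) are assumptions made for this illustration.

```shell
#!/bin/sh
# Wipe a constructed disk-image file with GNU shred and verify the result.
# This checks only what reads back through the filesystem.

MARKER='CONSTRUCTED-SECRET-0123456789'   # constructed sample data

# make_image PATH: 1 MiB of zeros with the marker planted at three offsets.
make_image() {
    dd if=/dev/zero of="$1" bs=1024 count=1024 2>/dev/null
    for off in 0 4096 1000000; do
        printf '%s' "$MARKER" | dd of="$1" bs=1 seek="$off" conv=notrunc 2>/dev/null
    done
}

# count_marker PATH: how many times the marker occurs in PATH.
count_marker() {
    grep -a -o -F -- "$MARKER" "$1" | wc -l | tr -d ' '
}

# wipe_image PATH: three overwrite passes (-n 3), then a final pass of
# zeros (-z). Without -u the file is kept so it can be inspected.
wipe_image() {
    shred -n 3 -z -- "$1"
}

# wipe_demo: prints "markers_before markers_after size_before size_after nonzero_bytes"
wipe_demo() {
    img=$(mktemp) || return 1
    make_image "$img"
    before=$(count_marker "$img")
    size_before=$(wc -c < "$img" | tr -d ' ')
    wipe_image "$img"
    after=$(count_marker "$img")
    size_after=$(wc -c < "$img" | tr -d ' ')
    # After the -z pass every byte should be zero.
    nonzero=$(tr -d '\0' < "$img" | wc -c | tr -d ' ')
    shred -u -- "$img"   # -u: overwrite once more, then unlink the file
    echo "$before $after $size_before $size_after $nonzero"
}

wipe_demo
```

To wipe a real block device, the same shred invocation takes the device node in place of the image file, and the run time grows with the device size and the pass count.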