On Sun, Mar 27, 2005 at 10:53:41PM +0000, [EMAIL PROTECTED] wrote:
> Q3) Shred sounds excellent for removing all traces of previous files, but
> 25X? Isn't that overkill?
>
> Q4) I've heard it suggested that 4x through using the dd command to write
> zeros through the mbr to the end of the drive is enough to hide sensitive old
> files; how true is that?

If your filesystem is redundant or journals writes other than to file metadata (Ext3 does not do a full journal, only the metadata), shred won't work very well.

Actually, writing zeros over the device once is sufficient unless you are going to actually take the drive apart. If you're going to do that, writing zeros four times is still going to leave some residual trace of the former data.

More paranoid erasures involve writing several alternating bit patterns over the media just to really foul things up. For example, if you write over each byte with:

    0xff, 0x00, 0xff, 0x55, 0xaa, 0xff, 0x00

you can be sure that the average attempt to read data straight off the platter will simply fail.

Let's get more paranoid than that even:

    0xff, 0x00, 0x55, 0xaa, 0x55, 0xaa, 0x33, 0xcc, 0x33, 0xcc,
    0xf0, 0x0f, 0xf0, 0x0f, 0xe7, 0x18, 0xe7, 0x18, 0xc3, 0x3c,
    0xc3, 0x3c, 0x7e, 0xe7, 0x7e, 0xe7, 0xff, 0x00, 0xff, 0x00

Then write something from /dev/urandom to that byte, and clear it back to 0. If someone can pull the original byte off the platter after that, I'd be fairly impressed.

_______________________________________________
EUGLUG mailing list
euglug@euglug.org
http://www.euglug.org/mailman/listinfo/euglug
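
The seven-pass sequence from the reply above, followed by the random pass and the final clear to zero it describes, as an added example that is not part of the original post. It assumes GNU coreutils (dd with conv=fsync and status=none, head -c) and util-linux blockdev; wipe_passes and POST_SEQ are hypothetical names.

```sh
#!/bin/sh
# Added example (not from the original post). Assumes GNU coreutils and
# util-linux; wipe_passes is a hypothetical helper name.
#
# wipe_passes TARGET PASS...
#   PASS is two hex digits (the fill byte, e.g. ff) or the word "rand".
#   TARGET is a block device or a regular file. As the post notes, overwriting
#   a file in place is unreliable on redundant or data-journaling filesystems.
wipe_passes() {
    target=$1
    shift
    [ -e "$target" ] || return 1
    if [ -b "$target" ]; then
        size=$(blockdev --getsize64 "$target") || return 1
    else
        size=$(($(wc -c < "$target")))
    fi
    for pass in "$@"; do
        # Each pass streams exactly $size bytes into dd.
        # notrunc: overwrite in place instead of truncating the target.
        # fsync: flush this pass to the device before the next one starts,
        #        so successive passes are not merged in the page cache.
        if [ "$pass" = rand ]; then
            head -c "$size" /dev/urandom
        else
            # Turn the hex byte into an octal escape for tr, e.g. aa -> \252
            fill=$(printf '\\%03o' "0x$pass") || return 1
            LC_ALL=C tr '\0' "$fill" < /dev/zero | head -c "$size"
        fi | dd of="$target" bs=1M conv=notrunc,fsync status=none || return 1
    done
}

# Sequence from the post, then the random pass and the final clear to zero.
POST_SEQ="ff 00 ff 55 aa ff 00 rand 00"

# Constructed demo on a scratch file; the hex dump shows the final state.
demo=$(mktemp)
printf 'constructed secret data\n' > "$demo"
wipe_passes "$demo" $POST_SEQ
od -An -v -tx1 "$demo"
rm -f "$demo"
```

For a whole drive, pass the block device path as TARGET; every pass then covers the device from the first sector to the last.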