Re: Gutman Method on Empty Space
On Thu, Jan 17, 2008 at 12:10:02AM -0800, Jason C. Wells wrote:
> Can anyone recommend a utility for the secure overwriting of unused disc
> space? I am a satisfied customer of Eraser for Windows. I'm looking for
> the same thing for FreeBSD.

Have you looked into the `shred` utility (gshred on FreeBSD)?

http://blogs.techrepublic.com.com/security/?p=388

--
CCD CopyWrite Chad Perrin [ http://ccd.apotheon.org ]
Kent Beck: I always knew that one day Smalltalk would replace Java. I just didn't know it would be called Ruby.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Gutman Method on Empty Space
On Thu, 17 Jan 2008 08:59:44 -0800 Jason C. Wells [EMAIL PROTECTED] wrote:
> Gutmann method might be excessive but any software that uses it shows a
> seriousness about security.

Gutmann himself regards the continued use of his method as Voodoo.

Gutmann's paper was about wiping the kind of disks that were being disposed of in 1996. The write patterns used in his method are specific to drives that were already out of production at the time. For drives that were in production, a few random passes are the best that can be done. His opinion now is that with modern drive technologies the chances of recovering anything useful are virtually zero.

I've never heard any indication that agencies like the FBI can do it, or that commercial companies can provide such a service - at any price.

If you are serious about security, one or two passes from /dev/random to the device are fine. If you are paranoid about what the NSA might be able to do, buy a pickaxe.
Re: Gutman Method on Empty Space
In response to RW [EMAIL PROTECTED]:
> On Thu, 17 Jan 2008 08:59:44 -0800 Jason C. Wells [EMAIL PROTECTED] wrote:
> > Gutmann method might be excessive but any software that uses it shows a
> > seriousness about security.
>
> Gutmann himself regards the continued use of his method as Voodoo.
>
> Gutmann's paper was about wiping the kind of disks that were being
> disposed of in 1996. The write patterns used in his method are specific
> to drives that were already out of production at the time. For drives
> that were in production, a few random passes are the best that can be
> done. His opinion now is that with modern drive technologies the chances
> of recovering anything useful are virtually zero.
>
> I've never heard any indication that agencies like the FBI can do it, or
> that commercial companies can provide such a service - at any price.
>
> If you are serious about security, one or two passes from /dev/random to
> the device are fine. If you are paranoid about what the NSA might be able
> to do, buy a pickaxe.

Many companies provide secure disposal services -- which generally involve dramatic physical destruction of the media. Seems to me that this is the accepted approach these days. You know, they crush the drive, then burn it, then stomp on the ashes ...

Of course, that only applies if you're disposing of an entire drive. If you just want to do a clean wipe of a file, rm -P is enough. There's no way for a logged in user to recover what was there before rm overwrote the file with zeros.

If you're concerned about a user physically examining a disk then you have to enforce physical security, either through physically securing the device, or with HDD encryption (via geli or similar).

If this is an isolated incident (i.e. you accidentally put a sensitive file on an insecure drive), I think you'll be fine if you overwrite it from /dev/random once or twice, then rm -P it.

--
Bill Moran
http://www.potentialtech.com
Re: Gutman Method on Empty Space
Hi there,

Check out /usr/ports/security/wipe/ - It should meet your requirements.

Cheers,
Marc

On Thu, Jan 17, 2008 at 12:10:02AM -0800, Jason C. Wells wrote:
> Can anyone recommend a utility for the secure overwriting of unused disc
> space? I am a satisfied customer of Eraser for Windows. I'm looking for
> the same thing for FreeBSD.
Re: Gutman Method on Empty Space
Marc Silver wrote:
> Hi there,
>
> Check out /usr/ports/security/wipe/ - It should meet your requirements.

Or always 'rm -P' :-)

Peter
--
http://www.boosten.org
Re: Gutman Method on Empty Space
Hi there,

On Thu, Jan 17, 2008 at 09:22:33AM +0100, Peter Boosten wrote:
> Or always 'rm -P' :-)

Nice... never knew about this.

That said, this won't satisfy the Gutmann requirement as far as I understand it and overwriting a file three times is not considered a true secure wipe of data. This data would still be theoretically recoverable.

Cheers,
Marc
Re: Gutman Method on Empty Space
man dd

On Thu, 17 Jan 2008, Jason C. Wells wrote:
> Can anyone recommend a utility for the secure overwriting of unused disc
> space? I am a satisfied customer of Eraser for Windows. I'm looking for
> the same thing for FreeBSD.
>
> Thanks,
> Jason C. Wells
Re: Gutman Method on Empty Space
Hi there,

On Thu, Jan 17, 2008 at 09:43:46AM +0100, Wojciech Puchar wrote:
> how? even single write is enough

Not according to the paper that Gutmann wrote:

http://www.usenix.org/publications/library/proceedings/sec96/full_papers/gutmann/

In short, he says that if you know how the data itself was overwritten it can be recovered. If I recall, the DoD standard for the deletion of data is to overwrite it 3 times.

Obviously it all comes down to how important the data is that you're removing, but a single write is not enough if the data needs to be disposed of 'securely'.

Cheers,
Marc
Re: Gutman Method on Empty Space
> That said, this won't satisfy the Gutmann requirement as far as I
> understand it and overwriting a file three times is not considered a true
> secure wipe of data. This data would still be theoretically recoverable.

how? even single write is enough
Re: Gutman Method on Empty Space
Marc Silver wrote:
> Obviously it all comes down to how important the data is that you're
> removing, but a single write is not enough if the data needs to be
> disposed of 'securely'.

Yep. The magnetic media retains a trace of everything that was recorded on it. If you have recorded over an old cassette tape, you may still be able to discern the original recording under the new recording.

Gutmann method might be excessive but any software that uses it shows a seriousness about security. Plus I don't have to do all that writing. The computer does it for me.

Wipe looks like a good start. Thanks for the tip.

Later,
Jason
RE: Gutman Method on Empty Space
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jason C. Wells
Sent: Thursday, 17 January 2008 9:10 p.m.
To: freebsd general questions
Subject: Gutman Method on Empty Space

> Can anyone recommend a utility for the secure overwriting of unused disc
> space?

split -b 200m /dev/random randomdata ; sync
rm randomdata*

Run as many times as your paranoia factor requires on your file system. Gutmann suggests in his own writings that overwriting with random data makes the most sense with modern disks.

Run as root to extend the writes past the soft filesystem limit. Use whatever split parameters you fancy for the file sizes.

The srm port has fancy features for file/directory deletions.

Cheers,
Brent
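The fill-and-delete approach from the message above, written as a reusable function with cleanup on interruption. This is an added example, not part of the original thread; the name wipe_free, its arguments (including the MAX_CHUNKS cap for trial runs) and the use of /dev/urandom instead of /dev/random are assumptions made here.

```shell
#!/bin/sh
# Added example, not from the thread. wipe_free and its arguments are
# names chosen here; /dev/urandom is an assumption (the thread uses
# /dev/random).
# Usage: wipe_free DIR [PASSES] [CHUNK_MB] [MAX_CHUNKS]
#   MAX_CHUNKS=0 (default) writes until the filesystem is full, which is the
#   real use; a non-zero cap is only for trying the function out safely.
wipe_free() {
    dir=$1; passes=${2:-1}; chunk_mb=${3:-200}; max_chunks=${4:-0}
    [ -d "$dir" ] || { echo "wipe_free: $dir: not a directory" >&2; return 2; }
    work=$(mktemp -d "$dir/.wipe.XXXXXX") || return 2
    # Never leave the disk full: remove the filler on exit or interruption.
    trap 'rm -rf "$work"' EXIT
    trap 'exit 130' INT TERM
    total=0
    pass=1
    while [ "$pass" -le "$passes" ]; do
        n=0
        while [ "$max_chunks" -eq 0 ] || [ "$n" -lt "$max_chunks" ]; do
            # dd failing with "no space left" is the normal end of an
            # uncapped pass, so it ends the loop instead of aborting.
            dd if=/dev/urandom of="$work/fill.$n" bs=1048576 \
                count="$chunk_mb" 2>/dev/null || break
            n=$((n + 1))
        done
        sync                    # flush the filler to disk before deleting it
        rm -f "$work"/fill.*    # also removes a partial last chunk
        total=$((total + n))
        pass=$((pass + 1))
    done
    rm -rf "$work"
    trap - EXIT INT TERM
    echo "$total"               # complete chunks written over all passes
}
```

Filling free space does not reach the unused tail of blocks that belong to existing files, and a non-root run stops at the filesystem limit the message mentions.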
Re: Gutman Method on Empty Space
> > Can anyone recommend a utility for the secure overwriting of unused disc
> > space?
>
> split -b 200m /dev/random randomdata ; sync
> rm randomdata*
>
> Run as many times as your paranoia factor requires on your file system.
> Gutmann suggests in his own writings that overwriting with random data
> makes the most sense with modern disks.
>
> Run as root to extend the writes past the soft filesystem limit. Use
> whatever split parameters you fancy for the file sizes.
>
> The srm port has fancy features for file/directory deletions.

If I didn't misunderstand your question. If you're trying to write bits onto your disk so that nobody could recover data from it, there is a very simple way to blank out either YOUR WHOLE HARD DRIVE or AN ENTIRE SLICE ON YOUR HARD DRIVE. Using the `dd' utility you can write zero bits to an entire slice of your hard drive (or to the whole hard drive):

dd if=/dev/zero of=/dev/disk-or-slice-ID

Don't do this unless you want to lose all data on a slice or hard drive.