GeneralThis forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Distribution: Windows 7 / 8.1, Fedora 21, OSX 10.10
Posts: 26
Rep:
Quote:
Originally Posted by b0uncer
And the limits of the environment, which depends on how it was programmed. But typically it stretches far beyond the graphical interface's capabilities, and mostly users' nerves.
If you really wanted to securely delete data, you wouldn't shred it, but instead use strong magnetic fields to mess up the magnetic media (or equivalent for other type media), then smash it into pieces and melt down in a couple thousand Kelvins temperature. And maybe eat in your porridge, to make sure nobody wants to touch the thing after that..
It would be nice to see how people reacted if some new version of Windows presented the users with a whole new command line environment, along with all the apps (well, their equivalents) Unix/Linux users are familiar with already. Like expanding DOS to the next dimension.
Nice way of doing without even technical details. But that applies to a HD that seemed to be a suffering from hardware failure then I will do it. Otherwise, my heart may breaks (Chinese called 心痛) since it is just working fine and intended to give to poorer people who may even think that a 20 or 40 GB of HDD is enough for them.
However, this seemed to workable only if you heat on a stove, or you own a heavy metal industries that does wielding etc. (Or someone with furnace.)
Distribution: Windows 7 / 8.1, Fedora 21, OSX 10.10
Posts: 26
Rep:
Quote:
Originally Posted by schneidz
pop quiz hot shot:
what do you do?, what do you do ?
this is a fictional story in the case. It seemed that there were cases across the globe where people taped some illegal stuffs from abuse of power to sex scandal and released to the press or authorities (Mainly Illegal activity rather than sex scandal unless it is a rape where so far I had heard none of it.)
Distribution: Windows 7 / 8.1, Fedora 21, OSX 10.10
Posts: 26
Rep:
Quote:
Originally Posted by {BBI}Nexus{BBI}
That is what the package manager is for, it should help to alleviate any dependency issues automatically for the average computer user who isn't an expert.
May not. I have tried Ubuntu 6.06 with some codec problems (Namely using Gstreamer codec to play RealMedia Files only workable in Mplayer. But I like Totem which does not work on playing RM files (It is either with Video no Sound or With Sound but no Video,depending you use Xine or Gstreamer.) So I tried to upgrade to 2.18 of Totem but sorry even in package manager,you need to upgrade some system related packages. If you download from its offical sites for newest package,more problem comes by. You will see this package is not compatible, that also cannot. And you will end up uninstalling a lot of system package and yet cannot install the updated version. The worst I got was to see my Ubuntu does not work at all. Unable to open the window! And I had to reinstall it.
All these was not updated by its Update Manager. (That is by using a Fesity system package to install on 6.06)
Distribution: Windows 7 / 8.1, Fedora 21, OSX 10.10
Posts: 26
Rep:
Quote:
Originally Posted by dracolich
I don't remember Java being available for Windows 1.0 or 2.0. In 3.11, however, I remember using early versions of Netscape Navigator and Java. Back then Java mostly allowed minor audio and animation effects because internet connections were still primarily dial-up with 33.6Kbps. T1 was still new and Cable and DSL hadn't started yet.
O so ok, back then I did not use any computers. By then, I was not even in Primary School yet. My first experience on computers was Windows 95, where I rarely used it on my school. I dont even own them until I was 12.So I might be mistaken for Java's history.
Quote:
Originally Posted by dracolich
If you use Firefox then everything is saved in it's Cache folder. You can use the portable version of Firefox that already has Cache disabled or edit the appropriate entry in about:config to disable it. Then tell it to always clear private data, which will include cookies and history, when it closes. I always set mine up to not remember what I type in fields or passwords. And in Linux I have my Firefox cache directory completely deleted during shutdown.
For me, I always set not to remember any history. for cache, well I scared the loading time will be like a tortoise, so I will set some cache regardless my Mac Notebook, or PC with Windows or Linux. However, I dont ask it to clear the data because I dont think it deletes with some pass (Not to mention 35, I dont think it does at least a pass). I use CCleaner on Windows XP, Cache Out X on my Mac OS X 10.4.11 but nothing on Linux. I am not too sure how to do that securely.
Quote:
Originally Posted by dracolich
If your worried about sending financial information and credit card numbers over the internet, the best security is to just not do it. But if you must, and you feel you want to thoroughly erase the evidence, use the dd command I previously posted, with as many passes as you like, after deleting those temp files. The command, modified for single line, is:
You can apply this to any partition by putting the appropriate /dev/hd** in front of fileconsumingallfreespace
I am just wondering. Just like a song,the lyrics is trying to bring some meaning over it. so is it true that dd if=/dev/urandom > fileconsumingallfreespace means to writ e all the free space with random character and leave it there while the laterral rm fileconsumingallfreespace means to remove the files written on the free space so that we had throughly removed the evidence but without wasting our disk space forever? Also to use ;; with a space before and after each command means to tell the computer to execute 2 commands concurrently (So by another example of using CLI rm /home/user/videos ;; rm /home/user/music ;; rm /home/user/pictures means to remove User's videos, then remove User's music which finally to remove User's pictures?)
By the way,does this command removes all partiton and physical HDD's free space or only hda1 if I do not use /dev/hd** before fileconsumingallfreespace?
Final Conclusion: While this is the best command, it will take days to do it completely especially one with 300GB of HDD compared to a 6GB HDD.
So it might not be pratical to do it frequently. Internet Cleaners, on the other hand, brings more convenience by just removing the cookies and caches etc without taking hours unless it is full of online movies/animation with at least half hour long.
My starting of securely delete files is a "broad topic" where attempts to cover how to remove caches and cookies that is related to Internet Browsing to Non Internet Browsing related stuffs like personal agreements or simply a diary that you do not intend to release now but your PC is broke at untimely now and attempt to store it onto another location such as portable HDD,thumbdrive etc before deleting it that even the repairman cannot attempt to look at it.
Now you've finished with that encryted file what do you do next?
1. Hit the delete key and take comfort in the knowledge that even if the file is recovered it's encrypted anyway.
or
2. Secure delete it to make recovery of said file nigh impossible!!
Personally, I secure delete it =P My point was that given a reasonably good memory and a few "tricks", you shouldn't have to store sensitive information in electronic format.
But, let's assume there's no way around it...you MUST store some critical bit of information on your hard drive...it's best to encrypt it (with strong encryption...do the research and LEARN before you settle on plain old DES (or similar)) and securely delete it when you're finished.
I believe if it's important enough to rate a secure delete, you should consider setting up a small partition (50-100 meg, perhaps?) (you DID leave a bit of empty space on that 500 GB hard drive, right? heh) that can be encrypted, and if a secure delete is warranted then running this:
Code:
host dir # rm '<secure partition>/<sensitive file>'
host dir # cat /dev/urandom > '<secure partition>/<some big file>'
host dir # rm '<secure partition>/<some big file>'
won't take weeks (as pointed out by ussr_1991)...and it's just as "securely deleted" as it would be otherwise (especially if you run the second and third command repeatedly). (And it'd be wise to run encrypted swap that gets "zeroed out" when you shutdown, just in case =)
I am just wondering. Just like a song,the lyrics is trying to bring some meaning over it. so is it true that dd if=/dev/urandom > fileconsumingallfreespace means to writ e all the free space with random character and leave it there while the laterral rm fileconsumingallfreespace means to remove the files written on the free space so that we had throughly removed the evidence but without wasting our disk space forever? Also to use ;; with a space before and after each command means to tell the computer to execute 2 commands concurrently (So by another example of using CLI rm /home/user/videos ;; rm /home/user/music ;; rm /home/user/pictures means to remove User's videos, then remove User's music which finally to remove User's pictures?)
Quote:
By the way,does this command removes all partiton and physical HDD's free space or only hda1 if I do not use /dev/hd** before fileconsumingallfreespace?
To answer your questions: the > tells dd to direct its output to the single file named ... which will consume the remaining free space on the target partition. Without specifying a partition it will use the current location. If your target is mounted on /mnt/WINNT, for example, then you would want to specify that in the command. I think I meant just one ; because dd will end with an error when the disk is full. I use ; so that when dd finishes it runs rm immediately after to remove the new file.
Quote:
Final Conclusion: While this is the best command, it will take days to do it completely especially one with 300GB of HDD compared to a 6GB HDD.
Is the target partition the full 300GB or is the disk split into multiple partitions?
@ussr_1991, I have already said that there is no need to do a "secure" delete on an ext3 filesystem because it actually deletes the stuff when you do a rm
@ussr_1991, I have already said that there is no need to do a "secure" delete on an ext3 filesystem because it actually deletes the stuff when you do a rm
Does that also mean these files cannot be retrieved by programs such as 'Encase'?
Does that also mean these files cannot be retrieved by programs such as 'Encase'?
Quote:
Undeletion
Unlike ext2, ext3 zeroes out block pointers in the inodes of deleted files. It does this to simplify read-write access to the filesystem when the journal is being replayed after an unclean mount. This, however, effectively prevents files from being undeleted. The user's only recourse is to grep the hard drive for data known to signal the start and end of the file. This provides slightly more secure deletion than ext2, which can be either an advantage or a disadvantage.
I think that was the entire point of ussr_1991's original post...the pointers are overwritten, but the original data itself is not, meaning someone with enough time, know-how, and effort could "undelete" the file. (Correct me if I a) misread your post, Ace, or b) didn't get the point of your posts, ussr).
Quote:
Originally Posted by rm man page
Note that if you use rm to remove a file, it is usually possible to recover the contents of that file. If you want more assurance that the contents are truly unrecoverable, consider using shred.
Time and know-how are the biggies, as someone who attempts this kind of undelete is obviously motivated enough to put in the effort...and given the instance of a hard drive getting stolen (or sent to a shop to get worked on, in which case the repairman can simply dd the data off the drive to a backup), it seems the "bad guy's" know-how is the limiting factor.
And worse, shred (which uses a default 25 passes from /dev/urandom to overwrite a file (and optionally delete it)) states in it's man page that journaled file systems provide some difficulty in securely deleting a file:
Quote:
Originally Posted by shred man page
In the case of ext3 file systems, the above disclaimer applies (and shred is thus of limited effectiveness) only in data=journal mode, which journals file data in addition to just metadata. In both the data=ordered (default) and data=writeback modes, shred works as usual.
Depending on how ext3 is mounted from the start (know thy distro!), it may be possible to recover a sensitive data file even after running dd or cat /dev/urandom on it multiple times...
I think that was the entire point of ussr_1991's original post...the pointers are overwritten, but the original data itself is not, meaning someone with enough time, know-how, and effort could "undelete" the file. (Correct me if I a) misread your post, Ace, or b) didn't get the point of your posts, ussr).
Time and know-how are the biggies, as someone who attempts this kind of undelete is obviously motivated enough to put in the effort...and given the instance of a hard drive getting stolen (or sent to a shop to get worked on, in which case the repairman can simply dd the data off the drive to a backup), it seems the "bad guy's" know-how is the limiting factor.
And worse, shred (which uses a default 25 passes from /dev/urandom to overwrite a file (and optionally delete it)) states in it's man page that journaled file systems provide some difficulty in securely deleting a file:
Depending on how ext3 is mounted from the start (know thy distro!), it may be possible to recover a sensitive data file even after running dd or cat /dev/urandom on it multiple times...
I honestly don't think someone would do that unless you had like top secret goverment info or something like that. I think secure delete on a home desktop pc running linux is just being paranoid, I could see maybe on a business laptop or a government computer. I doubt someone would go through that much trouble to get personal info for one person, its a pretty impractical way to get money, unless the person is rich or something.
I honestly don't think someone would do that unless you had like top secret goverment info or something like that. I think secure delete on a home desktop pc running linux is just being paranoid, I could see maybe on a business laptop or a government computer. I doubt someone would go through that much trouble to get personal info for one person, its a pretty impractical way to get money, unless the person is rich or something.
This is true. It's far easier to scam the weak (paypal scams, anyone?) than undelete personal info from a PC...unless we're talking about the celebrity who had 1300 photos (ok, ok...it's likely that they were rich and could be blackmailed)...but the question is not about the likelihood of such an attack...it's about "can this file be undeleted against my wishes?"
This question cannot be answered without reviewing all of the details. I'm a paranoid person...perhaps ussr_1991 is paranoid, too? The likelihood of an attack is a different subject from the availability of an attack, hence my last post.
Distribution: Windows 7 / 8.1, Fedora 21, OSX 10.10
Posts: 26
Rep:
Quote:
Originally Posted by rocket357
Personally, I secure delete it =P My point was that given a reasonably good memory and a few "tricks", you shouldn't have to store sensitive information in electronic format.
But, let's assume there's no way around it...you MUST store some critical bit of information on your hard drive...it's best to encrypt it (with strong encryption...do the research and LEARN before you settle on plain old DES (or similar)) and securely delete it when you're finished.
I believe if it's important enough to rate a secure delete, you should consider setting up a small partition (50-100 meg, perhaps?) (you DID leave a bit of empty space on that 500 GB hard drive, right? heh) that can be encrypted, and if a secure delete is warranted then running this:
Code:
host dir # rm '<secure partition>/<sensitive file>'
host dir # cat /dev/urandom > '<secure partition>/<some big file>'
host dir # rm '<secure partition>/<some big file>'
won't take weeks (as pointed out by ussr_1991)...and it's just as "securely deleted" as it would be otherwise (especially if you run the second and third command repeatedly). (And it'd be wise to run encrypted swap that gets "zeroed out" when you shutdown, just in case =)
Bottomline to readers who want to safely remove files: Set the browser cache to a not more than a GB partition especially when user with more than 80G HDD.
If the company/work related confidental is not a lot, use a partition HDD with about 100M as above stated. Do encrypt the files.
I think the above suggestion is achievable even by a novice.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
