LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
LinkBack Search this Thread
Old 03-17-2010, 04:02 AM   #1
Completely Clueless
Member
 
Registered: Mar 2008
Location: Marbella, Spain
Distribution: Many and various...
Posts: 775

Rep: Reputation: 67
Exclamation Security implications for Wear-Leveling of Hard Disks


Hi all,

I am surprised (from the searches I carried out on the net) that no one seems to have considered this danger so far as I can see...

I'm a little concerned about the implications on security for algorithms that opaquely shift data blocks around on disks to even-out surface wear rates.

In the good old days, if I wanted to wipe a file that documented my struggle to give up frosted strawberry donuts (for example) I knew where that file started on the disk and how long it was and could thus instruct the OS to wipe it with complete confidence.

Nowadays, however, with increasingly sophisticated use being made of W-L techniques and fancy, journaling file systems that separate meta-data from file content and whatnot and so forth, how can I still be sure that when I try to overwrite a personal and private file, that i AM actually doing precisely THAT, and not just nuking some virtual image of the thing which in reality remains preserved elsewhere on the disk?
 
Old 03-17-2010, 07:30 AM   #2
smoker
Senior Member
 
Registered: Oct 2004
Distribution: Fedora Core 4, 12, 13, 14, 15, 17
Posts: 2,279

Rep: Reputation: 248Reputation: 248Reputation: 248
It wouldn't be over writing if it remained the same somewhere else would it ? Overwrite takes care of the journal and a file is still a file, even if it's been moved slightly.
 
Old 03-17-2010, 08:32 AM   #3
catkin
LQ 5k Club
 
Registered: Dec 2008
Location: Tamil Nadu, India
Distribution: Servers: Debian Squeeze and Wheezy. Desktop: Slackware64 14.0. Netbook: Slackware 13.37
Posts: 8,520
Blog Entries: 27

Rep: Reputation: 1174Reputation: 1174Reputation: 1174Reputation: 1174Reputation: 1174Reputation: 1174Reputation: 1174Reputation: 1174Reputation: 1174
I believe your concern is valid, Completely Clueless, for the reasoning explained in this LQ post.

EDIT: my reasons had more to do with the hardware itself, rather than how the file systems work. Deleting a file at the file system level will leave lots of data still on disk because there is no point (security aside) to do the extra work of removing the content of what were once file data blocks after they have been freed by removing references to them. A common workaround for this issue is to write a single large file of, say, zeros to the file system until it fills and then delete it.

Last edited by catkin; 03-17-2010 at 08:38 AM. Reason: Errant comma
 
Old 03-17-2010, 08:54 AM   #4
smoker
Senior Member
 
Registered: Oct 2004
Distribution: Fedora Core 4, 12, 13, 14, 15, 17
Posts: 2,279

Rep: Reputation: 248Reputation: 248Reputation: 248
It hardly matters really. Unless you are going to give your disk to someone with sophisticated low level hard drive recovery gear, your deleted files are not readable. When you've finished with the disk you can zero it, but as noted the bad blocks will not get overwritten.

Are you a spy or a govt. agent ?
If not, don't worrry about it.
 
Old 03-17-2010, 09:32 AM   #5
Completely Clueless
Member
 
Registered: Mar 2008
Location: Marbella, Spain
Distribution: Many and various...
Posts: 775

Original Poster
Rep: Reputation: 67
Quote:
Originally Posted by catkin View Post
I believe your concern is valid, Completely Clueless, for the reasoning explained in this LQ post.
Very interesting, Catkin. I recall WD have been using wear-leveling techniques in their normal (non-SSD) drive controllers for a while now. If one was unaware of this phenomenon, one would never know that 'wiped' data was in fact still readable - albeit not via conventional means.

I wonder if the same unsatisfactory situation pertains to USB thumb drives or even SD cards? At first sight, I would find it hard to believe there is as yet such a thing as a "USB stick controller" that opaquely maps out bad sectors of thumb drives, but has anyone any information to the contrary? It would need to be incorporated into the stick itself, presumably.
 
Old 03-17-2010, 09:44 AM   #6
smoker
Senior Member
 
Registered: Oct 2004
Distribution: Fedora Core 4, 12, 13, 14, 15, 17
Posts: 2,279

Rep: Reputation: 248Reputation: 248Reputation: 248
Firstly you keep saying opaquely, when you actually mean transparently. If you can't see it happening then it would be transparent.

Secondly, read this http://en.wikipedia.org/wiki/Wear_levelling
 
Old 03-17-2010, 10:16 AM   #7
catkin
LQ 5k Club
 
Registered: Dec 2008
Location: Tamil Nadu, India
Distribution: Servers: Debian Squeeze and Wheezy. Desktop: Slackware64 14.0. Netbook: Slackware 13.37
Posts: 8,520
Blog Entries: 27

Rep: Reputation: 1174Reputation: 1174Reputation: 1174Reputation: 1174Reputation: 1174Reputation: 1174Reputation: 1174Reputation: 1174Reputation: 1174
Quote:
Originally Posted by smoker View Post
Firstly you keep saying opaquely, when you actually mean transparently. If you can't see it happening then it would be transparent.
Ah, semantics!

I recall finding the usage of these words counter-intuitive when I first learned them (not that I knew "counter-intuitive" then). Transparent means you can see through something. Opaque means you cant. Simple.

Except that neither means you can see inside the something so not so simple because people were using transparent to mean you could see inside something and opaque to mean you couldn't. People define language so I had to go along with it and struck on the idea that when the "something"s are boxes with things inside (as opposed to filters, window panes etc.) the transparent was applied only to the box, not to the things inside the box. From there it was a short step to extending "boxes" to more abstract concepts such as processes and financial accounts. Got it!

On that basis I go with Completely Clueless' usage; anything going on inside a USB stick controller is completely hidden using such instruments as are "to hand".
 
Old 03-17-2010, 10:19 AM   #8
Completely Clueless
Member
 
Registered: Mar 2008
Location: Marbella, Spain
Distribution: Many and various...
Posts: 775

Original Poster
Rep: Reputation: 67
Quote:
Originally Posted by smoker View Post
Firstly you keep saying opaquely, when you actually mean transparently. If you can't see it happening then it would be transparent.

Secondly, read this http://en.wikipedia.org/wiki/Wear_levelling
I guess you would be correct in this context! Funny how real and virtual world terminology is often completely back-to-front.
 
Old 03-17-2010, 10:28 AM   #9
Completely Clueless
Member
 
Registered: Mar 2008
Location: Marbella, Spain
Distribution: Many and various...
Posts: 775

Original Poster
Rep: Reputation: 67
Wink

Quote:
Originally Posted by catkin View Post
Ah, semantics!

On that basis I go with Completely Clueless' usage; anything going on inside a USB stick controller is completely hidden using such instruments as are "to hand".
THanks, Catkin. As a non-technical person I have run up against this curious situation before. For example, with the word "partition" - which before I learned about disks, I took to mean a *divider* that separated things on either side of it. Like the Great Wall of China. Now I know in the virtual world, it is in fact *not* the divider, but a portion of that which the divider has divided!

Same with Ethernet. I always thought that meant a wireless connection (after "Ether" - the old term for space). Now it turns out to actually mean a *wired* connection in nerdspeak. How curious! It amazes me how even more confusing it must be for non-native English speakers.
 
Old 03-17-2010, 11:03 AM   #10
smoker
Senior Member
 
Registered: Oct 2004
Distribution: Fedora Core 4, 12, 13, 14, 15, 17
Posts: 2,279

Rep: Reputation: 248Reputation: 248Reputation: 248
Quote:
Originally Posted by catkin View Post
Ah, semantics!
On that basis I go with Completely Clueless' usage; anything going on inside a USB stick controller is completely hidden using such instruments as are "to hand".
So it is transparent, both to you and the filesystem. Transparent means you can see through it as if it weren't there, which you can.

Opaque isn't even a term used in this regard.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Four hard disk problems over four hard disks in a row. Yaro Linux - Hardware 13 04-25-2009 06:47 PM
LXer: Explanation of Ubuntu Hard Drive Wear and Tear LXer Syndicated Linux News 0 10-24-2007 12:00 PM
firefox under wine - any security implications? Phrenchax Linux - Security 3 08-12-2007 07:27 AM
RH 3 ES won't see hard disks bangulu Linux - General 2 10-08-2006 03:15 PM
2 Hard Disks and 2 OS? How to? nbn792 Linux - General 5 12-26-2003 07:20 PM


All times are GMT -5. The time now is 10:41 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration