LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - General (https://www.linuxquestions.org/questions/linux-general-1/)
-   -   Secure Deletion of Data in Linux (https://www.linuxquestions.org/questions/linux-general-1/secure-deletion-of-data-in-linux-4175436148/)

onebuck 11-07-2012 04:48 PM

Secure Deletion of Data in Linux
 
Hi,

Secure Deletion of Data in Linux

&

Secure Deletion of Data in Linux – part 2

Two good articles to insure understanding for secure deletion of data.

Other useful links in Links for Helpful Linux articles & books

jefro 11-07-2012 06:15 PM

I guess this might also be a reason to start with some encryption or use advanced tools like intel's Vpro or other onboard encryption.

H_TeXMeX_H 11-08-2012 03:05 AM

They are pretty good. I prefer 'wipe'.

With journaled filesystems I recommend cleaning all free space once in a while. So make a large file full of zeroes or random data so that it occupies all free space, and then delete it immediately. Something like:

Code:

dd if=/dev/zero bs=4M of=file; rm -f file
As for multiple passes, it is for the very paranoid. It has never been proven that you can recover any meaningful data even after a pass of zeroes.

unfa 10-27-2017 02:26 PM

Actually it has been proven that a single overwrite (with any data) will render any modern HDD irrecoverably erased.

Sources:

https://www.vidarholen.net/~vidar/ov...drive_data.pdf
http://infosecisland.com/blogview/16...Overwrite.html

Another proof is simply economical. It is in the best interest of HDD manufacturers to use any capacity of their medium to provide more value to their clients. If I had a drive that can read 4 layers deep into it's write history - I'd use that discovery to develop a drive that has 4 times the capacity and sell that.

It's harder to prove that something doesn't exist than it is to prove that it does, but performing 35 overwrite passes to shred data is only going to needlessly wear out the hardware IMHO. 2 passes are already an overkill.

For deleting single files (not wiping whole drives) one must note that there is metadata residing in the filesystem journal and other places, that can be recovered in forensic analysis.


All times are GMT -5. The time now is 05:32 AM.