Unless you're running on bare metal (no virtualization) on your own server, even shred, dd, etc is no guarantee of anything. The virtualization software is capable of intercepting everything written to disk. It can make copies, incremental backups, whatever they want it to do.
If your data is sensitive, don't put it on a virtual server hosted in the cloud, bottom line. You have no idea who or what has access to the data you put on it.
A final paranoia-boost:
read the "man shred" until the end. It is mentioned that overwriting files is not guaranteed to work with most of the filesystems.
The reason is that in order to save time or because of other functionality offered by the filesystem (e.g. historical snapshots of data), even when you overwrite a file the data is not going to land at the same place that the original file was using => the original data will still be lying somewhere on the HDD.
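The check below is an added example, not part of the original posts: before trusting shred, it looks up which filesystem holds a path and flags the cases where an overwrite may not land on the original blocks. The function names, verdict strings and `SAMPLE_MOUNTS` data are constructed for illustration, the classification is a conservative simplification of the caveats in "man shred", and it cannot see copies or snapshots made below the guest by a hypervisor.

```sh
#!/bin/sh
# Constructed sample in /proc/mounts format (device mountpoint fstype options ...).
SAMPLE_MOUNTS='/dev/sda1 / ext4 rw,relatime 0 0
/dev/sda2 /home btrfs rw,relatime,compress=zstd 0 0
/dev/sdb1 /srv/db ext3 rw,data=journal 0 0
nas:/export /mnt/nas nfs rw,vers=3 0 0
/dev/sdc1 /var xfs rw,relatime 0 0'

# mount_for PATH [MOUNTS]: print "fstype options" of the longest mount point
# that contains PATH. MOUNTS defaults to the live /proc/mounts.
mount_for() {
    _mounts=${2:-$(cat /proc/mounts)}
    printf '%s\n' "$_mounts" | awk -v p="$1" '
        {
            mp = $2
            # match "/" always, the mount point itself, or a parent directory
            # ("/home" must not match "/homework")
            if (mp == "/" || p == mp || index(p, mp "/") == 1)
                if (length(mp) >= best) { best = length(mp); out = $3 " " $4 }
        }
        END { if (out != "") print out }'
}

# overwrite_verdict PATH [MOUNTS]: print unreliable:<reason>, in-place:<fstype>,
# unverified:<fstype> (no claim either way) or unknown (no mount found).
overwrite_verdict() {
    _info=$(mount_for "$@")
    _fstype=${_info%% *}
    _opts=${_info#* }
    case $_fstype in
        "") echo "unknown" ;;
        btrfs|zfs|f2fs|nilfs2) echo "unreliable:copy-on-write-or-log-structured" ;;
        nfs|nfs4|cifs) echo "unreliable:network-filesystem" ;;
        ext2|ext3|ext4)
            # data=journal also writes file contents to the journal
            case ",$_opts," in
                *,data=journal,*) echo "unreliable:data-journaled" ;;
                *) echo "in-place:$_fstype" ;;
            esac ;;
        *) echo "unverified:$_fstype" ;;
    esac
}

# Stand-alone use: ./check.sh /path/to/file  (reads the live mount table)
if [ $# -gt 0 ]; then overwrite_verdict "$1"; fi
```

An "in-place" verdict only describes the filesystem layer; SSD wear levelling, RAID, backups and the virtualization host can still keep older copies.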
Just what I need... More paranoia!!
I know that I have all but accepted that philosophy on my personal laptop... There are just too many unknowns to think that password-protecting or encrypting particular files or directories is enough. The only way you can hope to be safe is to do Full Disk Encryption (FDE).
Of course, there is the rub with a VPS - you can't control the disks/machines!!
Unless you're running on bare metal (no virtualization) on your own server, even shred, dd, etc is no guarantee of anything. The virtualization software is capable of intercepting everything written to disk. It can make copies, incremental backups, whatever they want it to do.
If your data is sensitive, don't put it on a virtual server hosted in the cloud, bottom line. You have no idea who or what has access to the data you put on it.
It sucks being "privacy conscious" and yet being on a limited budget!!
The only way you can hope to be safe is to do Full Disk Encryption (FDE).
Well, it probably doesn't matter if you do FDE or just a 2nd level encryption like encfs (which I am using) - the disk controller will always end up deciding where the data ends up.
At that point what will matter will be the weakest link, which will probably be the host that you'll use to input/write your password => these thoughts will bring you to paranoia-level-2.
Paranoia-level-3 can be accomplished only with a full offline server.
Paranoia-level-4 is then really advanced, with no windows and double walls to avoid any kind of external leak of frequency.