Re: ext2 not NULLing deleted files?

Thomas Pornin (Thomas.Pornin@ens.fr)
Fri, 17 Aug 2001 09:56:27 +0200


In article <01081709381000.08800@haneman> you write:
> "The Other OS" in its professional version does of course clear the
> deleted blocks with 0's for security reasons

That's not much more than a smoke screen, actually. Wiping out data
from a disk requires more than merely writing 0's, if the bad guy is
assumed to physically have hold of the disk. See, for instance, the
paper from Peter Gutmann, "Secure Deletion of Data from Magnetic and
Solid-State Memory" (published in Usenix'96). Such games are much
dependant on the actual writing technology, and harddisk cache (which
cannot be deacticated on some modern IDE disks) gets in the way.
Besides, performance is terrible (if you need to rewrite seven times a
file with different patterns for each deletion, imagine what happens
when you delete a 100 MBytes file...).

The only truly secure way to do is encryption: if all data that gets to
the disk is encrypted, physical details about the disk are unimportant,
so security cannot be compromised by some smarter physicist with more
expensive tools.

--Thomas Pornin
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/