[ Date Index ][
Thread Index ]
[ <= Previous by date /
thread ]
[ Next by date /
thread => ]
Adrian Midgley wrote:
Short of encrypting the filestore, just arranging that gone is _gone_ would be a useful thing.
Encrypting the file system is easy in Linux, SuSe include the encrypted file system, you just say you want it encrypted. You may also want to look at where temporary data is stored /tmp, /var/tmp, $TMP $TMP_DIR etc. Usually to extract any useful information from empty blocks you need root access, I suspect there are probably ways of grabbing some "empty" disk space as a non-root user without zeroing it, whether you can do so meaningfully is an interesting question. Overwriting data 6 fold is way over the top for most data, it was suggested that the millitary intelligence groups do such things, but I've only ever heard of them using hammers and incinerators to deal with redundant electronic systems with sensitive data. Which do you think makes more sense? The logic behind multiple overwriting, was that the edges of the track might retain some small areas of magnetised data that would allow recovery under something like a scan by a STEM, it is not even clear if given the quality and size of modern electromagnetic media whether this would be anywhere near as effective a data recovery tool as it once was. Fulling up a file system as root (Ordinary users can't use all the free blocks on ext2) with random data will overwrite all the data in the free block list. Given that modern SCSI disks (and others?) perform bad block reallocation, it is not clear to me that it is possible to erase all data written to a modern SCSI disk without a hammer and incinerator, or possibly low level hardware format of disk, certainly a kernel patch to achieve the same effect is unlikely to be perfect. There are already kernel patches that zero blocks written to the free block list I believe. Historically the McCrusick file systems reused the blocks most recently added to the free block list first (Subject to fragmentation issues), which is why either no undelete existed, or if it did exist was mostly useless. -- Are you using the Internet to best effect ? www.eighth-layer.com Tel: +44(0)1395 232769 ICQ: 116952768 Moderated discussion of teleworking at news:uk.business.telework -- The Mailing List for the Devon & Cornwall LUG Mail majordomo@xxxxxxxxxxxx with "unsubscribe list" in the message body to unsubscribe.