From gwbrown1 at gmail.com Sat Jul 26 20:04:43 2014
From: gwbrown1 at gmail.com (Greg Brown)
Date: Sat, 26 Jul 2014 20:04:43 -0400
Subject: [Trilug-ontopic] secure removal of files on a usb stick

Which is better in theory? To use srm like this:

srm -v -r ./usb-stick-mount-point

or to umount the drive and go with:

shred -vzn 3 /dev/sda# (in this case sda1)

Throw out the 3 vs. 38 wipes of data - if that is critical assume 'shred -vzn 38'.

Thoughts?

Greg

From ncdave4life at gmail.com Sat Jul 26 21:34:55 2014
From: ncdave4life at gmail.com (David Burton)
Date: Sat, 26 Jul 2014 21:34:55 -0400
Subject: [Trilug-ontopic] secure removal of files on a usb stick

The problem with srm is that it doesn't overwrite the freespace, which might contain recoverable data.

However, there's no need to repeatedly overwrite. It wastes time and puts unnecessary wear on the device. The fear that someone could recover data which has only been overwritten once is superstitious nonsense. This is sufficient:

ddrescue /dev/zero /dev/sda1

Dave

On Sat, Jul 26, 2014 at 8:04 PM, Greg Brown wrote:

> Which is better in theory? To use srm like this:
>
> srm -v -r ./usb-stick-mount-point
>
> or to umount the drive and go with:
>
> shred -vzn 3 /dev/sda# (in this case sda1)
>
> Throw out the 3 vs. 38 wipes of data - if that is critical assume 'shred
> -vzn 38'.
>
> Thoughts?
>
> Greg
>
> _______________________________________________
> Trilug-ontopic mailing list
> Trilug-ontopic at trilug.org
> http://www.trilug.org/mailman/listinfo/trilug-ontopic
From gwbrown1 at gmail.com Sat Jul 26 21:47:24 2014
From: gwbrown1 at gmail.com (Greg Brown)
Date: Sat, 26 Jul 2014 21:47:24 -0400
Subject: [Trilug-ontopic] secure removal of files on a usb stick

Is there any benefit using /dev/random or /dev/urandom in this scenario?

On Sat, Jul 26, 2014 at 9:34 PM, David Burton wrote:

> The problem with srm is that it doesn't overwrite the freespace, which
> might contain recoverable data.
>
> However, there's no need to repeatedly overwrite. It wastes time and puts
> unnecessary wear on the device. The fear that someone could recover data
> which has only been overwritten once is superstitious nonsense. This is
> sufficient:
>
> ddrescue /dev/zero /dev/sda1
>
> Dave
>
> On Sat, Jul 26, 2014 at 8:04 PM, Greg Brown wrote:
>
>> Which is better in theory? To use srm like this:
>>
>> srm -v -r ./usb-stick-mount-point
>>
>> or to umount the drive and go with:
>>
>> shred -vzn 3 /dev/sda# (in this case sda1)
>>
>> Throw out the 3 vs. 38 wipes of data - if that is critical assume 'shred
>> -vzn 38'.
>>
>> Thoughts?
>>
>> Greg

From porter at trilug.org Sat Jul 26 23:50:29 2014
From: porter at trilug.org (Alan Porter)
Date: Sat, 26 Jul 2014 23:50:29 -0400
Subject: [Trilug-ontopic] secure removal of files on a usb stick
Message-ID: <53D47705.1050502@trilug.org>

> Is there any benefit using /dev/random or /dev/urandom in this scenario?

Not on a flash drive.

Perhaps on a magnetic disk drive, since a forensics expert could look at the magnetic spots on the platter to distinguish a "1 covered up by a 0" from a "0 covered up by a 0". This is where the multiple writes are useful.

If you don't think someone is going to crack open the case and examine the platters, then "dd if=/dev/zero" should be good enough.

Alan

From ncdave4life at gmail.com Sun Jul 27 01:12:33 2014
From: ncdave4life at gmail.com (David Burton)
Date: Sun, 27 Jul 2014 01:12:33 -0400
Subject: [Trilug-ontopic] secure removal of files on a usb stick
In-Reply-To: <53D47705.1050502@trilug.org>
References: <53D47705.1050502@trilug.org>

Truly, even with modern hard disk drives, I am sure that there's no way that overwriting one time with zeros could be insufficient, not even if the NSA and the Russian FSB (nee KGB) work together to try to recover your overwritten data.

One possible problem with dd, however, is that it writes BIG chunks, and when it gets to the end of the drive I think it might fail to overwrite the last sectors, if the end of the requested write block doesn't align with the end of the device. I could be wrong about that, though, and it might vary from one system to another.

Dave

On Sat, Jul 26, 2014 at 11:50 PM, Alan Porter wrote:

> > Is there any benefit using /dev/random or /dev/urandom in this scenario?
>
> Not on a flash drive.
>
> Perhaps on a magnetic disk drive, since a forensics expert could look at
> the magnetic spots on the platter to distinguish a "1 covered up by a 0"
> from a "0 covered up by a 0". This is where the multiple writes are
> useful.
>
> If you don't think someone is going to crack open the case and examine
> the platters, then "dd if=/dev/zero" should be good enough.
>
> Alan
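
The question raised in the thread about dd and the last sectors can be settled by measurement rather than by guessing. The following is an added example, not part of the original thread: it bounds the zero stream to the target's exact byte size, so the final partial block is written whatever the block size, and then reads the target back. The function names and the temp-file stand-in for a stick are assumptions of this example; GNU coreutils and util-linux's blockdev are assumed.

```shell
#!/usr/bin/env bash
# Added example (not from the thread): single-pass zero wipe with read-back check.

# Size in bytes of a block device, or of a regular file used as a stand-in.
target_size() {
    if [ -b "$1" ]; then
        blockdev --getsize64 "$1"
    else
        wc -c < "$1" | tr -d ' '
    fi
}

# Number of non-zero bytes in the first SIZE bytes of TARGET (0 = fully zeroed).
nonzero_bytes() {
    head -c "$2" "$1" | tr -d '\0' | wc -c | tr -d ' '
}

# Overwrite TARGET once with exactly SIZE zero bytes, then verify by reading back.
wipe_and_verify() {
    local target=$1 size left
    # The thread's block-device variants assume the stick is unmounted; enforce it.
    if [ -b "$target" ] && grep -q "^$target " /proc/mounts; then
        echo "refusing: $target is mounted" >&2
        return 2
    fi
    size=$(target_size "$target") || return 2
    # Input is cut to SIZE bytes, so the tail is written even when SIZE is not a
    # multiple of bs. conv=fsync flushes before dd exits; notrunc keeps file size.
    head -c "$size" /dev/zero |
        dd of="$target" bs=1M conv=notrunc,fsync status=none || return 3
    # On a real device the read-back may be served from the page cache;
    # re-plugging the stick before verifying forces a read from the media.
    left=$(nonzero_bytes "$target" "$size")
    echo "$target: $size bytes written, $left non-zero bytes remain"
    [ "$left" -eq 0 ]
}

# Constructed stand-in for a stick: 1 MiB + 777 bytes of random data,
# deliberately not a multiple of the 1 MiB block size.
img=$(mktemp)
head -c 1049353 /dev/urandom > "$img"
wipe_and_verify "$img"
rm -f "$img"
```

Against a real stick the argument would be the unmounted partition or whole device, run as root.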