Wiping Out Data

Jeffrey F. Bloss jbloss at tampabay.rr.com
Fri Mar 30 00:44:27 UTC 2007 

Matthew Flaschen wrote:

> Jeffrey F. Bloss wrote:
> > Matthew Flaschen wrote:
> > 
> >> Jeffrey F. Bloss wrote:
> >>> I'd wager that dd fails in this context too, even if as Matt suggested
> >>> you immediately recreate a file system on the "overwritten" device.
> >> Well, that explains why dd is useless for this.  However, I
> >> /recommended/ shred, which does work.
> > 
> > That's what I've always used, and it certainly does work better than
> > dd. But just to beat the dead horse one more time, on journaling file
> > systems
> 
> I'll do the same, and reiterate that filesystems are irrelevant when
> you're operating at the device level.

Not so easy to accomplish in fact, and even if it's done perfectly the
hardware itself might booger things up...

http://wipe.sourceforge.net/

> , but
> > in the practical world the only truly secure way to keep data from being
> > recovered is strong encryption... making the issue of physical recovery
> > irrelevant.
> 
> Uh, no.   If the attacker gains permanent physical access to the drive
> (e.g. after it's discarded), they have unlimited time to brute-force any
> encryption.

I think you're overlooking the carefully chosen phrase "practical
world". People don't generally live for unlimited periods of time or
have the processing muscle at their disposal to launch successful
attacks against strong cryptography. They may, however, find it
practical or even trivial to exploit some flaw in a wiping scheme that
fails to write bits to a drive, depending on how serious that flaw is. 

The former fact simply makes the latter question meaningless in the real
world. We could wax eternal about cracking Twofish in a billion billion
years and it will still be irrelevant in context, except that it
demonstrates how tantamount "practicality" is to delimiting strong
cryptography from weak. No sane person would ever suggest good crypto
isn't crackable (OTP aside), it's always been a cat and mouse game where
the mouse makes it so outlandishly difficult for the cat, poor kitty
knows trying is futile and looks elsewhere.

And we haven't even begun to discuss the issue of encrypted data
reaching end of life and making even the cracking of encryption itself,
irrelevant. :)

-- 
     _?_      Outside of a dog, a book is a man's best friend.
    (o o)         Inside of a dog, it's too dark to read.
-oOO-(_)--OOo------------------------------[ Groucho Marx ]---
                    http://wrench.homelinux.net/~jeff/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 892 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20070329/be468d68/attachment.sig>

More information about the ubuntu-users mailing list