Question on securely wiping EXT3 and some questions on linux and privacy in general

Charlie Kravetz cjk at teamcharliesangels.com
Thu Mar 27 04:09:38 UTC 2008 

On Tue, 2008-03-25 at 17:04 +0100, Naja Melan wrote:
> hi,
> 
> I accidently saved some files in /media/truecrypt1 when it wasn't
> mounted yet.... so basically like in so many cases one could be in
> need of secure wipe...
> 
> As in many cases, the filenames are more sensitive than the data. And
> no, im not trying to hide my porn from my mom, in which case rm would
> have satisfied nicely...
> 
> I have been reading around and it seems shred is the more advanced
> tool compared with the alternative dd... Apart from that just some
> tools that offer to wipe free space and swap...
> 
> 
> As we all know, EXT3 is a journalling file system, which stores at
> default level meta data about hard disk access... Im quite certain
> that shred and dd don't wipe that, and what about some master file
> table...?
> 
> Does anyone know if there are tools to get secure delete of a file on
> EXT3 that takes care of everypart of data including metadata, file
> names etc...
> 
> 
> 
> 
> 
> Further more, i would like to inform about people's opinions on
> privacy in linux, and specifically ubuntu...
> 
> Remember the times when we were all  blaming microsoft for not
> respecting our privacy, and all sorts of conspiracy theories where
> being made up. I was a windows user in that time. Now im trying to see
> if linux is a viable alternative. So far, i've been very dissapointed
> with the privacy department of ubuntu (linux). I would have suspected
> with all the politicos being so fond of linux, that at least privacy
> would be well respected. Now, lets compare my experience so far.
> 
> On windows we have:
> 
>      1. IE
>         -> but use firefox instead
>      2. ntfs
>         -> but have eraser which will deal with everything, including
>         the $logfile (journal)
>      3. indexer service
>         -> but it is easily turned off in the GUI if it's on by
>         default, which im not even sure anymore
>      4. recent files list in software and the os      -> software is
>         individual on this, and on OS level, it requires a registry
>         tweak, not very userfriendly.
>      5. sending crash reports, etc...                       -> windows
>         has always politely asked me whether to send these...
> 
> 
> On ubuntu we have (what i have discovered so far, all enabled by
> default against my choice with no notification of it, nor centralised
> documentation on how to turn it off):
> 
>      1. recent documents                      -> setting the
>         permissions to it couldn't be written anymore didn't do the
>         trick for me. So far i havent been able to turn it off.
>      2. locate indexer                              -> you can turn
>         this of from the GUI
>      3. nautilus history                            -> despite the
>         preferences window, and searching internet, no way to turn it
>         off
>      4. ext3                                                -> see
>         question above - can't find a way to be sure with the
>         journalling
>      5. apport sending crash reports  -> Im not entirely sure, but i
>         have the impression that this is sending stuff without asking
>         me... knotify hasn't because it has always crashed when it
>         popped up...lol
>      6. automatic updates                     -> this has been enabled
>         by default, but i havn't worried about it, and have not tried
>         yet to turn it off...
> 
> 
> now without a doubt im forgettin lots of stuff here, but so far i must
> say that contrary to my beliefs when switching towards linux, i feel
> more confortable on a windows computer to limit ( i don't feel
> entirely safe at all ) the traces i leave behind. I really thought
> that switching to linux would free me from crap like recent documents
> and other histories, and indexers indexing the contents of my files.
> Not only is it hard or impossible to find how to turn certain things
> off, since all the nice privacy violating features are on by default,
> you have to remember to turn them off every time you install ubuntu
> again. That is error prone, and easy to forget something.
> 
> Am I the only one thinking all that? Am i condemned to using something
> like Security Enchanced Linux, which is being provided by the nice and
> privacy minded likes of NSA... Operating systems which will have the
> focus on security, which will then probably have even worse usability
> than ubuntu?
> 
> if you disagree that ubuntu is not very userfriendly, well, standards
> differ, but i don't mind writing down the first few hassles that
> spring to my mind... But let me tell you that in the few months i have
> been using ubuntu, i have spend many more hours running to the
> internet trying to find out how to solve bugs, and how to get things
> done than in the past ten years of using windows...
> 
> as a few examples, 
>      1. the installer of ubuntu has an advanced button in the end for
>         grub settings. It provides wonderful explanation in the sense
>         of: "grub help goes here", after which it installs a faulty
>         menu.lst for grub unless you install it on the first hdd. This
>         leads to a system that doesn't boot and you need to know about
>         grub to rectify the settings before you can boot... wow great
>         for the average user...!
>      2. no playing mp3's or closed formats without internet support
>         and too much time on your hands to solve it, by the way, after
>         several hours now i still can't get xmms to play flac, even
>         with all plugins installed... ( just as a side note )
>      3. standard archiver comes without drag and drop support
>      4. I've had to use tons of command line, which has to be given
>         that it is powerful if you have the right person tell you what
>         commands to use, but if you are home without internet, it's
>         very user unfriendly.
>      5. I've had tons of apps crashing, freezing, i've had the OS
>         freezing, crashing, not booting, I've had gdm not starting
>         after setting settings in the GUI, i've had tons of annoyances
>         to keep it short
> That are just a few examples...does it look like i want to step to an
> OS that is more secure but even less usable? NO!
> 
> Am I really the only one having all this problems, or should we try to
> solve all this somehow? well, HOW????? My experience in OS development
> is, well...'\0'...
> 
> Experience in debugging OS is building up though...I don't usually
> report ubuntu bugs, because I would have to report one everyday. That
> would lead to 2 things: wasting more of my time every day, and also it
> would feel like taking the piss, because with a system that crippled,
> we need to solve the bugs, not report them, innit?
> 
> greets,
> naja 
> 
> solutions welcome...

Try  ¨shred --help¨ in a terminal. I think you will find it does work on
EXT3 file systems. 

good luck,
> 
-- 
Charlie Kravetz 
Linux Registered User Number 425914          [http://counter.li.org/]
Never let anyone steal your DREAM.           [http://keepingdreams.com]

More information about the ubuntu-users mailing list