Question on securely wiping EXT3 and some questions on linux and privacy in general
Charlie Kravetz
cjk at teamcharliesangels.com
Thu Mar 27 04:09:38 UTC 2008
On Tue, 2008-03-25 at 17:04 +0100, Naja Melan wrote:
> hi,
>
> I accidently saved some files in /media/truecrypt1 when it wasn't
> mounted yet.... so basically like in so many cases one could be in
> need of secure wipe...
>
> As in many cases, the filenames are more sensitive than the data. And
> no, im not trying to hide my porn from my mom, in which case rm would
> have satisfied nicely...
>
> I have been reading around and it seems shred is the more advanced
> tool compared with the alternative dd... Apart from that just some
> tools that offer to wipe free space and swap...
>
>
> As we all know, EXT3 is a journalling file system, which stores at
> default level meta data about hard disk access... Im quite certain
> that shred and dd don't wipe that, and what about some master file
> table...?
>
> Does anyone know if there are tools to get secure delete of a file on
> EXT3 that takes care of everypart of data including metadata, file
> names etc...
>
>
>
>
>
> Further more, i would like to inform about people's opinions on
> privacy in linux, and specifically ubuntu...
>
> Remember the times when we were all blaming microsoft for not
> respecting our privacy, and all sorts of conspiracy theories where
> being made up. I was a windows user in that time. Now im trying to see
> if linux is a viable alternative. So far, i've been very dissapointed
> with the privacy department of ubuntu (linux). I would have suspected
> with all the politicos being so fond of linux, that at least privacy
> would be well respected. Now, lets compare my experience so far.
>
> On windows we have:
>
> 1. IE
> -> but use firefox instead
> 2. ntfs
> -> but have eraser which will deal with everything, including
> the $logfile (journal)
> 3. indexer service
> -> but it is easily turned off in the GUI if it's on by
> default, which im not even sure anymore
> 4. recent files list in software and the os -> software is
> individual on this, and on OS level, it requires a registry
> tweak, not very userfriendly.
> 5. sending crash reports, etc... -> windows
> has always politely asked me whether to send these...
>
>
> On ubuntu we have (what i have discovered so far, all enabled by
> default against my choice with no notification of it, nor centralised
> documentation on how to turn it off):
>
> 1. recent documents -> setting the
> permissions to it couldn't be written anymore didn't do the
> trick for me. So far i havent been able to turn it off.
> 2. locate indexer -> you can turn
> this of from the GUI
> 3. nautilus history -> despite the
> preferences window, and searching internet, no way to turn it
> off
> 4. ext3 -> see
> question above - can't find a way to be sure with the
> journalling
> 5. apport sending crash reports -> Im not entirely sure, but i
> have the impression that this is sending stuff without asking
> me... knotify hasn't because it has always crashed when it
> popped up...lol
> 6. automatic updates -> this has been enabled
> by default, but i havn't worried about it, and have not tried
> yet to turn it off...
>
>
> now without a doubt im forgettin lots of stuff here, but so far i must
> say that contrary to my beliefs when switching towards linux, i feel
> more confortable on a windows computer to limit ( i don't feel
> entirely safe at all ) the traces i leave behind. I really thought
> that switching to linux would free me from crap like recent documents
> and other histories, and indexers indexing the contents of my files.
> Not only is it hard or impossible to find how to turn certain things
> off, since all the nice privacy violating features are on by default,
> you have to remember to turn them off every time you install ubuntu
> again. That is error prone, and easy to forget something.
>
> Am I the only one thinking all that? Am i condemned to using something
> like Security Enchanced Linux, which is being provided by the nice and
> privacy minded likes of NSA... Operating systems which will have the
> focus on security, which will then probably have even worse usability
> than ubuntu?
>
> if you disagree that ubuntu is not very userfriendly, well, standards
> differ, but i don't mind writing down the first few hassles that
> spring to my mind... But let me tell you that in the few months i have
> been using ubuntu, i have spend many more hours running to the
> internet trying to find out how to solve bugs, and how to get things
> done than in the past ten years of using windows...
>
> as a few examples,
> 1. the installer of ubuntu has an advanced button in the end for
> grub settings. It provides wonderful explanation in the sense
> of: "grub help goes here", after which it installs a faulty
> menu.lst for grub unless you install it on the first hdd. This
> leads to a system that doesn't boot and you need to know about
> grub to rectify the settings before you can boot... wow great
> for the average user...!
> 2. no playing mp3's or closed formats without internet support
> and too much time on your hands to solve it, by the way, after
> several hours now i still can't get xmms to play flac, even
> with all plugins installed... ( just as a side note )
> 3. standard archiver comes without drag and drop support
> 4. I've had to use tons of command line, which has to be given
> that it is powerful if you have the right person tell you what
> commands to use, but if you are home without internet, it's
> very user unfriendly.
> 5. I've had tons of apps crashing, freezing, i've had the OS
> freezing, crashing, not booting, I've had gdm not starting
> after setting settings in the GUI, i've had tons of annoyances
> to keep it short
> That are just a few examples...does it look like i want to step to an
> OS that is more secure but even less usable? NO!
>
> Am I really the only one having all this problems, or should we try to
> solve all this somehow? well, HOW????? My experience in OS development
> is, well...'\0'...
>
> Experience in debugging OS is building up though...I don't usually
> report ubuntu bugs, because I would have to report one everyday. That
> would lead to 2 things: wasting more of my time every day, and also it
> would feel like taking the piss, because with a system that crippled,
> we need to solve the bugs, not report them, innit?
>
> greets,
> naja
>
> solutions welcome...
Try ¨shred --help¨ in a terminal. I think you will find it does work on
EXT3 file systems.
good luck,
>
--
Charlie Kravetz
Linux Registered User Number 425914 [http://counter.li.org/]
Never let anyone steal your DREAM. [http://keepingdreams.com]
More information about the ubuntu-users
mailing list