security newbie, but not Linux newbie. advice on secure delete tools
Originally posted by ddaas
The test I've made is relevant.
I write some text in a file, then #shred file_name and then #strings /dev/hda1 | grep 'mytext'
I could find the text.
I made the test on an ext3 file system.
Chances are that you're seeing the journal.
For a proper test you'd have to use an external journal or create a journal with the smallest size possible and do some heavy filesystem work before shredding the file.
According to the mke2fs manpage:
Quote:
The size of the journal must be at least 1024 filesystem blocks (i.e., 1MB if using 1k blocks, 4MB if using 4k blocks)
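The test described in the posts above, as an added example that is not part of the original thread: it builds an ext3 filesystem with the minimum journal, writes a marker, does filesystem work, shreds the file, and then searches the raw image for the marker. It assumes a loopback image file instead of /dev/hda1, a 32 MB image, 4k blocks and 2000 create/delete cycles as the "heavy work"; the function names and the marker are made up for the example.

```shell
#!/bin/sh
# Added example, not from the thread. Run as root: sh journal_test.sh run

# Count occurrences of a marker in the raw bytes of a device or image file.
# grep -a treats binary data as text, -o prints one line per match.
count_hits() {    # usage: count_hits <device-or-image> <marker>
    grep -a -o -F -- "$2" "$1" | wc -l | tr -d ' '
}

# Build a small ext3 image, write and shred a marker file, then scan the image.
run_test() {
    img=$(mktemp); mnt=$(mktemp -d)
    marker="LQ-SHRED-TEST-$$"            # constructed marker string

    dd if=/dev/zero of="$img" bs=1M count=32 2>/dev/null
    # Smallest journal mke2fs allows: 1024 blocks, i.e. 4 MB with 4k blocks.
    mke2fs -q -F -t ext3 -b 4096 -J size=4 "$img"
    mount -o loop "$img" "$mnt"

    printf '%s\n' "$marker" > "$mnt/secret.txt"
    sync

    # Filesystem work before shredding, so the small journal gets reused.
    i=0
    while [ "$i" -lt 2000 ]; do
        : > "$mnt/f$i"
        rm "$mnt/f$i"
        i=$((i + 1))
    done
    sync

    shred "$mnt/secret.txt"
    sync
    umount "$mnt"

    echo "marker hits in raw image after shred: $(count_hits "$img" "$marker")"
    rm -f "$img"
    rmdir "$mnt"
}

# Only touch the system when explicitly asked to.
if [ "${1:-}" = "run" ]; then
    run_test
fi
```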
The easy way I found to deal with this problem was to create a ramdisk, then do anything I need to with gpg etc. on the ramdisk.
If you need to remove it, you either switch the machine off, or if you're totally paranoid run smem or sfill, then format the ramdisk (followed by powerdown).
If you're looking for a way to instantly make data unrecoverable to the majority of people, do it in RAM.
My friend took it one step further and created an encrypted ramdisk, but I'd view that as taking it to the extreme.
Quote:
My friend took it one step further and created an encrypted ramdisk, but I'd view that as taking it to the extreme.
I think it's healthy paranoia because /dev/ram* may be read by uid=root or gid=disk or via /dev/mem with the same uid or gid=kmem (gids may vary on each system).
Also, ramdisks could be remounted and data will still be there.
I've been using encrypted loop devices when encrypting/decrypting/modifying my passwords file. An encrypted ramdisk is a good idea because it's faster (which is perfect for large files). The problem with ramdisks is that this RAM is not reusable by the kernel later (it will always be allocated for that particular ram device) and the only way to free up this space is to reboot.
An extra step of paranoia would be to turn off swap if it isn't encrypted. Fortunately, gnupg uses mlock() to prevent the buffer it uses from being paged to disk.
If you really have to do things on hard drive storage, use ext2 partitions, and prepare to spend hours using sfill, and the eventual fsck errors that come with it. If you just really need an area to do secure things, whack a gig of RAM in a machine and use a 256 MB ramdisk w/encryption, and use a script to wipe it and reformat it after use.
It's a sticky subject; you can take things way too far, to the point of making things ultra complicated. If you are encrypting the ramdisk, do you generate a one-time random key each time to another ramdisk, or just use a single key on safe media, etc.
The only truly effective way to secure that data though is an angle grinder or a chemical called thermite.
The fact that the US gov takes their hard drives, grinds them to dust then stores the dust in barrels in high security compounds for a time period of around 50-100 years, gives you an idea of how extreme you can take it to.
I was pointing at the fact that a temporary encrypted filesystem is better than a ramdisk in most cases because this memory can't be reused (at least, this is what the fairly old documentation in the Linux kernel states). If it did (which would be desirable in some cases), then this memory would be assigned to processes and either you or the kernel would have to wipe its bytes before being mapped to any process.
Quote:
The fact that the US gov takes their hard drives, grinds them to dust then stores the dust in barrels in high security compounds for a time period of around 50-100 years, gives you an idea of how extreme you can take it to.
I don't know if it's proper to talk about politics here (especially "these times"), but I'd state the obvious: the modern way of life is self-destructive in a very absurd and pointless way. I myself would never trash a hard drive that way because environmental concerns are more important to me than security ones. (Note that a hard drive costs money too, but the environment variable is never accounted for, and when it is, most of the time it's put behind. This must change in the immediate future and will be the world's primary concern when the consequences of our collective actions become obvious.)
Pseudo-representative entities of any kind are like strange specimens with strange needs and appear to have a life of their own. Exactly what gives them the right?
People's inertia and apathy is what lets them do the stupid things they do.