On Thu, Jan 17, 2013 at 10:58 PM, Peter Stuge <peter@×××××.se> wrote:
> CAUTION: Note that shred relies on a very important assumption: that
> the file system overwrites data in place. This is the traditional way
> to do things, but many modern file system designs do not satisfy this
> assumption.

Whether the time for these utilities has fully come or not I won't
comment on, but they're already obsolete, at least the way they
operate.

Really the only way to do secure deletion of data is to support it at
the filesystem level, and make it an ioctl or whatever. And if you're
going to do that you might as well encrypt all the data in the first
place with file/block-specific keys that change on
overwrites/deletes/etc).

The sorts of things that make shred possible are the same sorts of
things that tend to shred your data when you don't want to lose it.
This is really beyond the realm of userspace as a result, now.

Rich
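
An added illustration, not part of the original message: a toy model of a copy-on-write store showing why overwrite passes leave the original data on the device, and how per-file keys turn deletion into key destruction. All class and function names are hypothetical, the keystream is a stand-in for a real cipher, and the key table is assumed to live in storage that can itself be reliably erased.

```python
import hashlib, os

class CowStore:
    """Toy copy-on-write store (constructed model): writes never overwrite in place."""
    def __init__(self):
        self.blocks = []   # raw "device" contents; stale blocks linger
        self.files = {}    # name -> index of the live block
    def write(self, name, data):
        self.blocks.append(bytes(data))          # always a fresh block
        self.files[name] = len(self.blocks) - 1
    def read(self, name):
        return self.blocks[self.files[name]]
    def raw_scan(self, needle):                  # what reading the raw device finds
        return any(needle in b for b in self.blocks)

def shred(store, name, passes=3):  # overwrite via the normal write path, then unlink
    size = len(store.read(name))
    for _ in range(passes):
        store.write(name, os.urandom(size))
    del store.files[name]

def keystream_xor(key, nonce, data):
    # Illustrative SHAKE-256 keystream; a real design would use an AEAD cipher.
    ks = hashlib.shake_256(key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, ks))

class EncryptedCowStore(CowStore):
    """Same store, with a per-file key that changes on every write."""
    def __init__(self):
        super().__init__()
        self.keys = {}     # name -> (key, nonce); assumed held in erasable storage
    def write(self, name, data):
        key, nonce = os.urandom(32), os.urandom(16)
        self.keys[name] = (key, nonce)
        super().write(name, keystream_xor(key, nonce, data))
    def read(self, name):
        key, nonce = self.keys[name]
        return keystream_xor(key, nonce, super().read(name))
    def secure_delete(self, name):
        del self.keys[name]    # destroying the key is the deletion
        del self.files[name]

def demo():
    secret = b"constructed sample secret"
    plain, enc = CowStore(), EncryptedCowStore()
    plain.write("f", secret)
    shred(plain, "f")              # three passes of random data, then unlink
    enc.write("f", secret)
    readable = enc.read("f") == secret
    enc.secure_delete("f")
    return plain.raw_scan(secret), readable, enc.raw_scan(secret)
```

`demo()` returns whether the plaintext survives on the shredded plain store, whether the encrypted file was readable before deletion, and whether the plaintext survives on the encrypted store after the key is dropped.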