| 1 |
On Thu, Jan 17, 2013 at 10:58 PM, Peter Stuge <peter@×××××.se> wrote: |
| 2 |
> CAUTION: Note that shred relies on a very important assumption: that |
| 3 |
> the file system overwrites data in place. This is the traditional way |
| 4 |
> to do things, but many modern file system designs do not satisfy this |
| 5 |
> assumption. |
| 6 |
|
| 7 |
Whether the time for these utilities has fully come or not I won't |
| 8 |
comment on, but they're already obsolete, at least the way they |
| 9 |
operate. |
| 10 |
|
| 11 |
Really the only way to do secure deletion of data is to support it at |
| 12 |
the filesystem level, and make it an ioctl or whatever. And if you're |
| 13 |
going to do that you might as well encrypt all the data in the first |
| 14 |
place with file/block-specific keys that change on |
| 15 |
overwrites/deletes/etc). |
| 16 |
|
| 17 |
The sorts of things that make shred possible are the same sorts of |
| 18 |
things that tend to shred your data when you don't want to lose it. |
| 19 |
This is really beyond the realm of userspace as a result, now. |
| 20 |
|
| 21 |
Rich |
Archives