Disk over writing software - Page 2

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

Re: Disk over writing software

Subba Rao wrote:
Quoted text here. Click to load it

(groups trimmed)
How feasible this may or may not be, and by software means alone, may
depend on various factors, such as the nature of the hardware, the
relative degree of difficulty to be created regarding any data
recovery from the media, and the filesystem type and method(s) used.

First of all, overwriting an entire filesystem, or larger area of the
disk, will generally be more secure than attempting to overwrite less
than an entire filesystem.  Secure overwrite of file(s) may be
particularly problematic with filesystems which use journaling,
where, at least typically, overwriting the same byte offset ranges to
the same file multiple times, does not result in the data being
repeatedly rewritten to the same areas on the disk.  For more
specialized operations, this limitation may be at least partially
overcome, by working with more specialized tools/software, and on
filesystem which is unmounted.  Note also, to generally be secure in
overwriting less than all data on a filesystem, it will generally be
necessary to overwrite all free (unallocated) blocks and slack space
(space within allocated blocks that doesn't contain data which is to
be left as it exists - e.g.  if a 512 byte sector has been allocated
as the single data block for a file of logical length 100 bytes,
there are 412 bytes of slack space in that sector; similar also
typically applies to meta-data areas of the disk (directory
structure, etc.)).  These issues can also be further complicated if
other technologies are used (e.g. RAID, Logical Volume Management
(LVM), etc.) - e.g. the file's data may not only exist as part of the
file's data proper, but may also exist elsewhere on disk, in areas
that are no longer part of the file's data.  More modern (e.g.
non-ancient) drives also do remapping of sectors, so that an area
that may be problematic or unreliable, may still contain data, but
may not be accessed through the customary means, or via ordinary
hardware and software (e.g., in use, drive finds a sector which is
becoming difficult to read - it copies that data (upon read, or next
overwrite) somewhere else, remapping the sector, and never uses the
old sector again - that could happen at essentially any time -
including the instant one decides one needs to overwrite and securely
wipe that data).

If one is actually dealing with government classified data, there
likely are applicable standards to be used for the storage, handling,
and destruction of the data - and there may be severe civil and/or
criminal penalties for failing to follow the required procedures.

If one is dealing with data which isn't governmentally classified,
it's usually a matter of risk assessment.  E.g. how valuable/critical
is the data vs. what are appropriate estimates of the resources
(available/obtainable and time) a potential adversary may likely have
and be willing to expend to attempt to recover the data - also taking
into account estimates into the future of those factors, for as long
as the data may potentially be of value.

       CAUTION:  Note  that  shred relies on a very important
assumption: that
       the filesystem overwrites data in place.
Google Is Your Friend / Search The Fine Web (GIYF/STFW)

Site Timeline