Why 'rm -R star' Isn't Enough
zdburke writes: "Short but interesting article in the New York Times (free reg req'd) about how difficult it is to cover your digital tracks because electronic documents are so well distributed -- on your laptop, on your workstation, on the server... Yes there are tools to thoroughly delete files on your computer, rather than just unlinking them when they're put in the trash, but it's the distributed nature of content these days that poses a special problem to the Ollie Norths of the world."
On my hard drive space-challenged machine, usually the reason I delete something is to make room for something else. So, chances are if they want "super-secret-MS-secrets.txt", the sectors have already been overwritten by "bspears-nude.jpg".
:)
Say you have important information on your hard drive. You only want one other person to see that information so you put that information on a floppy disk then give it to that person. No one else can see this information. You then take a pencil and stab the magnetic film of the floppy about 30 - 40 times. You then take lighter fluid and douse the entire floppy and light it. Stomp on the ashes for extra measure. Since the data has been on your computer, you must first take your hard drive out. Expose it to a giant magnet, then shoot it with a 12 gauge (twice). Take all the ICs out of your computer and smash them with a sledgehammer, then run over them with your truck. Burn those with lighter fluid too. Since your monitor most likely displayed that sensitive information, you must take it to a helicopter and drop it. Have the helicopter land on the debris for safe measure.
Ensure that the other person gives your data to no one. Do a thorough background check on him and his closest 50 living relatives. After he is done processing the information; shoot him.
No need to worry about any information getting anywhere.
That is because modern computers organize information by using file-system directories that point to physical areas on a disk drive where the data resides. "Deleting" the information usually only breaks the link between the directory and the data so that the original storage space can be reused in the future.
:)
Gee...what a stride. Too bad we didn't have technology like this in the 80's. A company like Norton could have made a killing making tools to relink the file table with these sectors, almost as if they were UNDELETEing the file.
I just love expressions like "modern computers" used in this way, when the reporter meant to say "Well...this is new to me, must be new to the computer too." Of course, we all know that it is the computer that has this behaviour - not the OS sitting on top of it.
IIRC, DOS used to just replace the first character name of a file with a ? in the FAT when you deleted it, so to undelete it, you just supplied a letter to "rename" the file as.
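The delete-and-undelete mechanism discussed above, as an added example that is not part of the original thread: on disk the FAT deletion marker is the byte 0xE5 in the first name position, which undelete tools display as "?". The in-memory volume, the file names and contents, and all function names are constructed for illustration, and each file is assumed to fit in one unfragmented cluster (a real DOS delete also frees the file's FAT chain, which this toy omits).

```python
import struct

CLUSTER = 512     # constructed toy geometry: one 512-byte cluster per file
DELETED = 0xE5    # first name byte of a deleted FAT directory entry
# 32-byte entry: name, ext, attr, 14 skipped bytes, first cluster, size
ENTRY = struct.Struct("<8s3sB14xHI")

def make_entry(name, ext, cluster, size):
    return ENTRY.pack(name.ljust(8).encode(), ext.ljust(3).encode(), 0x20, cluster, size)

def build_volume():
    """Constructed sample: a two-file directory plus its data area."""
    files = [("SECRET", b"quarterly numbers, do not forward\n"), ("NOTES", b"lunch at noon\n")]
    directory, data = bytearray(), bytearray()
    for i, (name, body) in enumerate(files):
        directory += make_entry(name, "TXT", 2 + i, len(body))  # clusters count from 2
        data += body.ljust(CLUSTER, b"\0")
    return directory, data

def locate(directory, index):
    """Return (byte offset into the data area, size) for a directory slot."""
    _, _, _, cluster, size = ENTRY.unpack_from(directory, index * ENTRY.size)
    return (cluster - 2) * CLUSTER, size

def dos_delete(directory, index):
    """Deletion as described above: one byte of the entry changes, no data does."""
    directory[index * ENTRY.size] = DELETED

def list_deleted(directory):
    """Find entries marked deleted, shown the way undelete tools show them."""
    found = []
    for index in range(len(directory) // ENTRY.size):
        name, ext, _, cluster, _ = ENTRY.unpack_from(directory, index * ENTRY.size)
        if name[0] == DELETED:
            found.append((index, "?" + name[1:].decode("ascii").rstrip(), ext.decode(), cluster))
    return found

def undelete(directory, data, index, first_char):
    """Restore the first name byte and read the untouched data back."""
    directory[index * ENTRY.size] = ord(first_char)
    start, size = locate(directory, index)
    return bytes(data[start:start + size])

def wipe_then_delete(directory, data, index):
    """Defensive counterpart: overwrite the contents before dropping the entry."""
    start, size = locate(directory, index)
    data[start:start + size] = bytes(size)
    dos_delete(directory, index)
```

After `dos_delete`, `undelete` returns the original bytes; after `wipe_then_delete`, the same call returns only zeros. Neither touches copies of the file held on other machines, which is the article's point.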
cat /dev/urandom > /dev/hda1
repeat until satisfied
Of course 'rm -R *' isn't enough...
... you need '-f'!
Yeah, that's better.
Skiers and Riders -- http://www.snowjournal.com
Exploding chips. Just store the information on EEPROMs made from this material. You want to erase it? Just have it explode!
If you can't beat them, embrace and extend them.
The irony is in the magnety
If you try to fail and succeed, which have you done?
They have, the 75GXP.
I was hired to recover files from a hard drive by a woman who was getting a divorce. Her husband had been cheating on her. The moron had Norton SystemWorks installed on his system and never defragged his drive. I was able to recover over a year's worth of incriminating emails with Norton's undelete. Boy was that easy money.
http://Lenny.com
4 great justice!
If you have problems destroying documents, you could always ask Arthur Andersen or Enron.
The US government today announced plans to impose restrictions on so called 'File Deletion' utilities, and possibly even outlaw them altogether, in the name of national security. "These file deletion programs can be used by terrorists to cover their tracks, and remove evidence," claimed a government security expert. "Criminals such as Osama Bin Laden can cover up any electronic evidence, and make prosecution impossible." However, civil liberties groups claim that the ban would infringe their first amendment rights. Other experts claim that anyone can create a file deletion program with even basic programming knowledge. We interviewed one expert who explained how: "One simple way to make sure your data is wiped clean is to remove the hard drive from your computer, and place it in a furnace for 15-20 minutes." The interview was cut short when government agents stormed the building and arrested the expert for "discussing circumnavigation devices for data deletion".
This comment does not represent the views or opinions of the user.
This is the basis of my favourite party trick - booting a Linux system without a kernel. As LILO works pointing to a disc location (rather than a filetable entry), you can boot a system from a kernel which has been deleted as follows:
1) Put /boot into its own disc partition (to stop normal filesystem activity reclaiming the disc blocks)
2) Use lilo etc., to set the machine to boot off a kernel image
3) rm the kernel file
4) reboot the machine
Because nothing in /boot has reclaimed the disc blocks, LILO will still be able to start loading at the same data location, and will still find disc blocks which constitute a valid kernel. Voila, you've deleted your kernel, but still booted it.
Obviously, Don't Try this out unless you know what you're doing - and even then try it with a spare kernel, not your only one.
Dunstan
The last scintilla of doubt just rode out of town
Was it the orange stains on his hands and the faint odor of cheese that gave him away?
This recovery is a breeze. Just follow these easy steps.
1.) Take the HD out of your machine, take it to your clean room, and crack it open.
2.) Pull the platters, one by one, run them under your magnetometer, and use the programming in your magnetometer to develop a magnetic wave map of your drive. Store this image in your workstation.
3.) Run the analyser over the waveform to get a datamap of the drive. Be sure to save the layers as separate images.
4.) Pan back through the resulting images, and find the one that corresponds to the drive topology at the time you want (the time when the file/data still existed in readable format).
5.) Create a disk image file from that waveform.
6.) Mount the resulting image, and copy your file to a more secure location.
See? Quick and easy.
Virg
'rm -Rf star' is much preferable, or '/bin/yes | rm -R star'. Otherwise you would be there all day pressing 'y'. You could always do it the Homer Simpson water bird way...
(I know... offtopic and frivolous...)
There's an interesting Karma-building technique... When you have something good to post, screw up the URLs, then follow it up with a post with the right URLs. That way both posts can get modded up.
That's because they knew how. Murder was part of it.
DMCA, Hollings, Palladium. What might have sounded like paranoia is now common sense.