Why 'rm -R star' Isn't Enough
zdburke writes: "Short but interesting article in the New York Times (free reg req'd) about how difficult it is to cover your digital tracks because electronic documents are so well distributed -- on your laptop, on your workstation, on the server... Yes there are tools to thoroughly delete files on your computer, rather than just unlinking them when they're put in the trash, but it's the distributed nature of content these days that poses a special problem to the Ollie Norths of the world."
If you're afraid that mirrors will copy your files, why don't you just overwrite the file with the same name, just some bogus data. That file will be mirrored again since it has a new date.
Sometimes when a problem gets high tech, it's time for a low-tech approach.
Wealth is the product of man's capacity to think. -Ayn Rand
Remember the car that parked in front of your house while you copied the data to the floppy disk?
In the car, someone intercepted the electromagnetic waves coming from your computer and reconstructed the data from them. He then made a million copies of the data and distributed them to hidden places all over the world.
You are safe until they start taking a hammer to your toes and fingers. Or cut off and stuff your own ear in your mouth. Or put a gun to your mother's head. While you may be somewhat protected from the government using such tactics, what about if what you had on your computer in some way incriminated the mob, or Monsanto, or someone else (i.e., you're a reporter or something).
While it's probably a silly movie, it's kind of like in the soon to be released Nicolas Cage movie Windtalkers. For those not familiar, in WW2 the US used Navajo Indians to communicate because the Japanese would never be able to figure out the language. Nicolas Cage is a marine with orders to protect one of them. He also has orders to kill him rather than be captured. Your encryption is only as safe as your key and through drugs or violence I'm pretty certain just about any key can be extracted from someone.
I find the following command useful:
# dd if=/dev/random of=/dev/hda
This is assuming, of course, that if your root partition is on /dev/hda, you don't mind reinstalling everything. It's sort of an OS suicide command.
Using random data as opposed to zeroes is more secure because writing zeroes may leave a readable residual magnetic signature on the media whereas random data tends to obscure the mag sig.
Give me my freedom, and I'll take care of my own security, thank you.
dd if=/dev/random of=/home
Use whatever is appropriate instead of /home.
You can also overwrite files with zeros (such as the ones that come from /dev/zero or /dev/null), but the problem is that after such a procedure, by physically examining the disk, one can often reconstruct the pre-existing data WITH A CERTAIN DEGREE OF ACCURACY.
hth
> Then again, I don't have anything that important anyways.
Don't be so certain of that. Open up your wallet, and you'll see much of importance. No credit cards? That's not the most important thing you have. Take a close look at your driver's license, or any ID you have. That's of great value to many people, and whether or not you trust it to a computer most state governments will. Leaving something as simple as your name in a computer proves that a person by your name exists, which can be used for profit or to complete an agenda.
Virg
find "$dir" -type f -exec shred -fuzv {} \;
I have heard that
# dd if=/dev/zero of=/dev/hda
might still leave it recoverable.
Would # dd if=/dev/rand of=/dev/hda be any better? Or would it be a marked improvement due to the predictability of pseudo-random number generators?
I'm surprised I've seen no discussion here of the very basic problem of file slack space - that unallocated space at the end of the last sector of every data file, except those that exactly fill a disk sector. Most of the methods described here for easy ways to wipe empty hard drive space do not overwrite all the file slack space. You need a program that does that explicitly. Otherwise every sector with the tail end of a file contains easily recoverable data, although disassociated from any filename. Given that the slack space on a hard drive averages out to $sectorsize*$numfiles/2 (on average, 1/2 of a sector, times the number of files), the average 40Gb hard drive with 10,000 files might have 50Mb or more of recoverable data, even if the "empty" space were completely and unrecoverably wiped.
I learned about this while preparing to publish a program commercially, and discovered that (at least at the time) files I copied to the distribution media master sometimes contained sensitive data, such as the source code, from my own hard drive. Basically, DOS wasn't very picky about copying a few extra bytes along with the actual file length, as long as the extra bytes didn't go past the end of the destination sector. The answer? I used a slack wiping program on the master disk before sending it for duplication.
--Brandon / Split Infinity Music
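Added example, not part of the comment above: a way to measure how much file slack a directory tree holds, so the exposure can be sized before choosing a wiping tool. It only reports sizes and does not read or overwrite slack. The 512-byte default unit, the function names and the sample files are assumptions made for illustration.

```python
import os
import stat
import tempfile

def slack_bytes(size, unit):
    """Unused bytes between end-of-file and the end of the last allocation unit."""
    tail = size % unit
    return 0 if tail == 0 else unit - tail   # empty or exactly-filled files have none

def estimate(unit, num_files):
    """Rule of thumb from the comment: half a unit per file on average."""
    return unit * num_files // 2

def tree_slack(root, unit=512):
    """Return (file_count, total_slack_bytes) for regular files under root.

    unit is an assumption: 512 matches a classic disk sector; pass the
    filesystem's cluster/block size to measure slack at that granularity.
    """
    seen = set()          # (device, inode) pairs, so hard links count once
    count = total = 0
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            try:
                st = os.lstat(os.path.join(dirpath, name))
            except OSError:
                continue  # entry vanished or is unreadable
            if not stat.S_ISREG(st.st_mode):
                continue  # symlinks, devices and sockets hold no file slack
            key = (st.st_dev, st.st_ino)
            if key in seen:
                continue
            seen.add(key)
            count += 1
            total += slack_bytes(st.st_size, unit)
    return count, total

def demo():
    """Constructed sample: three files of known size in a temporary directory."""
    with tempfile.TemporaryDirectory() as d:
        for name, size in (("a.txt", 100), ("b.bin", 512), ("c.src", 1300)):
            with open(os.path.join(d, name), "wb") as f:
                f.write(b"x" * size)
        return tree_slack(d, 512), tree_slack(d, 4096)

if __name__ == "__main__":
    print(demo())
```

Comparing the result for the sector size with the result for the filesystem's cluster size shows how much the allocation granularity changes the amount of slack a wipe has to cover.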