gabriel rosenkoetter on Thu, 12 Sep 2002 20:10:08 +0200



Re: [PLUG] secure file deletion with journaling filesystems


On Thu, Sep 12, 2002 at 12:56:16PM -0400, Mental Patient wrote:
> I've always treated files as if they were eternal. Thus, sensitive data 
> is encrypted, and there is no need to 'securely delete' it.

What about in memory? On screen?

I really should do that PLUG presentation on Van Eck phreaking I've
joked about on IRC...

> The fact that a filesystem is journaled shouldn't make deleting a file 
> more difficult as far as I know. The point of the journal is to quickly 
> restore the filesystem to a stable state in the event of a crash. Should 
> your delete be interrupted part way through, I suppose your chances are 
> about even with a non-journaled filesystem for completeness.
> Then again, maybe I've missed the point entirely.

With a journal, you're right (all that's stored in a weird way is
the metadata, the regular data doesn't move around, which means you
can just pound it with 0, 1, 0 passes and be done). With a log-
structured file system, you've got at least two problems I can
think of off the top of my head:

1. The blocks where the current metadata says the file lives aren't
the only place it lives. (It may have been migrated by the cleaner
daemon to free up a segment for reuse when it's mostly empty).

2. The cleaner daemon might decide to migrate the data out from
under your shredder. (Seems unlikely, if not impossible. Sort of
depends on what your OS's abstract vfs nodes look like, I think.)

-- 
gabriel rosenkoetter
gr@eclipsed.net
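
A toy model of the contrast drawn in the message above, added here as an illustration; it is not part of the original message and not code from any real filesystem. The class and function names are hypothetical, the "0, 1, 0 passes" are taken to mean all-zero, all-one, all-zero bytes, and the secret is constructed sample data.

```python
SECRET = b"constructed-secret-0001"   # constructed sample data
BLOCK = len(SECRET)


class InPlaceDisk:
    """Update-in-place data blocks (a journal would hold only metadata)."""
    def __init__(self, nblocks=8):
        self.raw = [bytes(BLOCK)] * nblocks
        self.inode = {}                # file name -> physical block index

    def write(self, name, data):
        idx = self.inode.setdefault(name, len(self.inode))
        self.raw[idx] = data           # same physical block on every write


class LogDisk:
    """Log-structured: every write appends, metadata points at the newest copy."""
    def __init__(self):
        self.raw = []                  # append-only log of blocks
        self.inode = {}

    def write(self, name, data):
        self.raw.append(data)
        self.inode[name] = len(self.raw) - 1

    def clean(self):
        """Cleaner: copy live blocks to the log head; old segments keep
        their contents until something reuses them."""
        for name, idx in list(self.inode.items()):
            self.write(name, self.raw[idx])


def shred(disk, name):
    """Overwrite passes issued through the normal file interface."""
    for fill in (0x00, 0xFF, 0x00):
        disk.write(name, bytes([fill]) * BLOCK)


def residual_copies(disk):
    """Count raw blocks still holding the secret, as a scan of the device would."""
    return sum(1 for block in disk.raw if block == SECRET)


def demo():
    a = InPlaceDisk(); a.write("f", SECRET); shred(a, "f")
    b = LogDisk(); b.write("f", SECRET); b.clean(); shred(b, "f")
    return residual_copies(a), residual_copies(b)


if __name__ == "__main__":
    print("in-place: %d stale copies, log-structured: %d stale copies" % demo())
```

On the log-structured model the overwrite passes only append new blocks, so both the original block and the copy made by the cleaner remain readable on the raw device.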
