Mental Patient on Thu, 12 Sep 2002 21:10:11 +0200

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] secure file deletion with journaling filesystems

gabriel rosenkoetter wrote:

On Thu, Sep 12, 2002 at 12:56:16PM -0400, Mental Patient wrote:

I've always treated files as if they were eternal. Thus, sensitive data is encrypted, and there is no need to 'securely delete' it.

What about in memory? On screen?

How does shred or srm help with that either?

I really should do that PLUG presentation on Van Eck phreaking I've
joked about on IRC...

It'd be interesting, but you could always sit outside my room with a decent pair of binoculars.

The fact that a filesystem is journaled shouldnt make deleting a file more difficult as far as I know. The point of the journal is to quickly restore the filesystem to a stable state in the event of a crash. Should your delete be interrupted part way through, I suppose your chances are bout even with a non-journaled filesystem for completeness.
Then again, maybe I've missed the point entirely.

With a journal, you're right (all that's stored in a weird way is the metadata, the regular data doesn't move around, which means you can just pound it with 0, 1, 0 passes and be done). With a log- structured file system, you've got at least two problems I can think of off the top of my head:

1. The blocks where the current metadata says the file lives aren't
the only place it lives. (It may have been migrated by the cleaner
daemon to free up a segment for reuse when it's mostly empty).

2. The cleaner daemon might decide to migrate the data out from
under your shredder. (Seems unlikely, if not impossible. Sort of
depends on what your OS's abstract vfs nodes look like, I think.)

Again, if the file is encrypted, it doesnt matter. You shouldnt even need to delete it really.
Thats all I was saying.

-- Mental (

This body. This body holding me. Be my reminder here that I am not alone in
This body, this body holding me, feeling eternal
All this pain is an illusion.

--Tool "Parabola"


GPG public key:

Attachment: pgpSFhq48gsQz.pgp
Description: PGP signature