Mag Gam on 5 Mar 2007 12:24:34 -0000



Re: [PLUG] HOWTO: Find a purpose for Garrison Keillor

  • From: "Mag Gam" <magawake@gmail.com>
  • To: "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org>
  • Subject: Re: [PLUG] HOWTO: Find a purpose for Garrison Keillor
  • Date: Mon, 5 Mar 2007 07:24:28 -0500
  • Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>
  • Sender: plug-bounces@lists.phillylinux.org

To wipe data clean, why not use 'shred'?
http://www.gnu.org/software/coreutils/manual/html_node/coreutils_69.html
HTH

On 3/4/07, Walt Mankowski <waltman@pobox.com> wrote:
On Sun, Mar 04, 2007 at 04:22:28PM -0500, Matthew Rosewarne wrote:
> On Sunday 04 March 2007 15:50, Walt Mankowski wrote:
> > You'll get some random entropy when you type in the command.
> > /dev/urandom will use that up and then use the kernel's random number
> > generator.  I guess I don't understand why you think this radio scheme
> > is a better approach than that.  The /dev/urandom approach is a lot
> > simpler and will have exactly the same effect of randomizing the disk.
> /dev/urandom is typically used for applications requiring data that "looks
> pretty random" (games and such), but for cryptographic purposes (such as
> making keys) /dev/random is the only way to get truly random data.
> While /dev/urandom is probably "good enough" for this purpose, the effect is
> _not_ the same.  That said, /dev/urandom is much easier and probably
> adequately secure for most people who need to wipe a disk.

I would submit that /dev/urandom is adequately secure for *everyone*
who needs to wipe a disk.  Remember, all you're trying to accomplish
here is to make it impossible for an attacker to tell the difference
between the unallocated sectors and the encrypted sectors.  How is
your radio entropy any better at this than a random number generator?

Keep in mind that even if an attacker can somehow figure this out,
they still don't have access to the data in the file system, because
that's encrypted.  I'd think that any potential cracker, upon seeing
the entire drive filled with seemingly random bits, wouldn't even
attempt the hack you're thinking of and would go immediately to other
means at getting at the data.

> I would normally use /dev/urandom if I were in any kind of hurry.  I figured
> that I might as well try this approach not only because the results would be
> somewhat better, but also for Sir Edmund Hillary's reason.

Well, it's a free country and you can of course do anything you want.
I'd be interested in finding out how long it takes to generate 80 GB
of entropy.

Walt


___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
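
The argument in the quoted message about unallocated versus encrypted sectors, as an added example that is not part of the original thread: a byte-histogram test singles out the untouched sectors on a disk that was never wiped, and finds nothing on one pre-filled from the kernel CSPRNG (`os.urandom`, the generator behind /dev/urandom). The sector size, the layout, the threshold and the SHA-256 counter-mode stand-in for the disk cipher are assumptions made for the demonstration.

```python
import hashlib
import os

SECTOR = 4096  # bytes per sector (assumed size for this sketch)

def cipher_sector(key: bytes, index: int) -> bytes:
    """Stand-in for one encrypted sector: SHA-256 in counter mode.
    Assumption for the demo only, not a real disk cipher."""
    out = bytearray()
    block = 0
    while len(out) < SECTOR:
        ctr = index.to_bytes(8, "big") + block.to_bytes(4, "big")
        out += hashlib.sha256(key + ctr).digest()
        block += 1
    return bytes(out[:SECTOR])

def chi_square(sector: bytes) -> float:
    """Chi-square statistic of the byte histogram against uniform (255 d.o.f.)."""
    counts = [0] * 256
    for b in sector:
        counts[b] += 1
    expected = len(sector) / 256
    return sum((c - expected) ** 2 / expected for c in counts)

def build_image(n_sectors, used, fill):
    """Sectors listed in `used` hold ciphertext; the rest hold whatever fill() returns."""
    key = os.urandom(32)
    return [cipher_sector(key, i) if i in used else fill() for i in range(n_sectors)]

def flag_structured(image, threshold=500.0):
    """Indices of sectors whose contents are clearly not uniform random bytes.
    Uniform data averages about 255 here; 500 is far outside its normal range."""
    return {i for i, s in enumerate(image) if chi_square(s) > threshold}

if __name__ == "__main__":
    used = {1, 2, 5, 9}  # constructed layout: sectors the file system has written
    unwiped = build_image(16, used, lambda: bytes(SECTOR))     # never wiped: zeros
    wiped = build_image(16, used, lambda: os.urandom(SECTOR))  # pre-filled from the kernel CSPRNG
    print("unwiped disk, sectors that stand out:", sorted(flag_structured(unwiped)))
    print("wiped disk, sectors that stand out:  ", sorted(flag_structured(wiped)))
```

On the unwiped image the flagged set is exactly the complement of the written sectors, so the allocation map leaks; on the wiped image the set is empty.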
