secure file deletion
Johan Lundberg
p99jlu@physto.se
Thu Feb 15 19:24:11 2001
I agree that "It is not the job of GnuPG to delete files".
Since I still use ext2, I use the wipe-command by Tom Vier
<thomassr@erols.com>, and I think it does the job, at least as good as I
need. I have done several tests, and it seems to do the job. I don't know
about the electron microscopy-level safety, since I don't own one, but at
least you can't grep the plain-text from the device after it's been wiped.
It can also be used to wipe your swap-space, and I really think it's
*mush* better than nothing. I use IDE and ext2 only, and I don't know
how 'wipe' will do in other environments. The location is
http://wipe.sourceforge.net/
By the way; there is another 'wipe' @ http://gsu.linux.org.tr/wipe/
Another interesting thing partly related to this (or call it off-topic):
Has anybody used the s-bit (not sticky!) with ext2/chattr? From the
chattr man-page:
- When a file with the `s' attribute set is deleted, its blocks are
- zeroed and written back to the disk.
I have tried it, but it does not seem to work. Anybody? How is wiping and/
or clearing handled in Reiser / ext3 or whatever they are called?
Johan Lundberg
On Thu, 15 Feb 2001, Werner Koch wrote:
>On Thu, 15 Feb 2001, Stephan F. Yaraghchi wrote:
>
>> Playing around with GnuPG I noticed that there's no option
>> for secure file deletion, like the "-w" command in PGP.
>
>The -w does anyway not work under Unix or Windows. It is not the job
>of GnuPG to delete files. That's Unix philosophy.
>
>> Does anyone made up a workaround?
>> What's necessary to securely 'wipe' a file?
>
>Secure file deletion is a very tough problem. The only working
>solution is to use a filesystem feature. Trying to work around will
>give soon trouble when you change the filesystem (e.g. from ext2 to
>Reiser): you believe the file is securly deleted but it is not.
>
> Werner
--
Råggatan 2. 2tr http://www.johanl.net IC#: 38425619
B847 687B 8971 0AAC 1C29 DBA1 AB5F 664F D3A0 A0E5