Wipe function?

Thomas Sjögren thomas@northernsecurity.net
Thu Aug 28 12:06:02 2003


On Wed, Aug 27, 2003 at 10:08:39PM -0700, Joseph Bruni wrote:
> Obviously, the better way would be to pull out a number of bytes from
> /dev/random to seed your PRNG and then use the output from that to wipe
> the file in question.

Actually, the "cat /dev/urandom > file" in my initial post was just an
example of how to minimize the impact a filesystem could have on the wiping
process. Maybe not a good example, but still just an example.

If you read the Gutmann paper [1] you'll see that only eight random
characters are needed, not a constant stream of random characters, the
rest (pass number 5 to 31) has fixed characters.

> I noticed that /dev/random is also writable -- allowing one to add
> additional entropy to the pool. That's kinda cool. I could probably hit
> infinite improbability by writing my checking account balance into
> /dev/random!! With my luck my computer would turn into a bowl of
> petunias saying, "Not again!"
>

Check out http://www.fourmilab.ch/hotbits/generate.html, generate a
binary file, write it to /dev/random. Now you got fresh radioactive
decay present in your computer.

[1] http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html

/Thomas
--
== thomas@northernsecurity.net | thomas@se.linux.org
== Encrypted e-mails preferred | GPG KeyID: 114AA85C

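The pass layout from the Gutmann paper cited as [1], written out as an added example (not part of the original mail or of any tool discussed in the thread): passes 1-4 and 32-35 write random data, passes 5-31 write the paper's fixed patterns. The function names are hypothetical, and the code assumes a filesystem that overwrites file blocks in place.

```python
import os

# Fixed patterns for passes 5-31 of the Gutmann schedule (27 passes).
_TRIPLES_A = [b"\x92\x49\x24", b"\x49\x24\x92", b"\x24\x92\x49"]
_TRIPLES_B = [b"\x6d\xb6\xdb", b"\xb6\xdb\x6d", b"\xdb\x6d\xb6"]
FIXED = ([b"\x55", b"\xaa"] + _TRIPLES_A
         + [bytes([n * 0x11]) for n in range(16)]   # 0x00, 0x11, ... 0xff
         + _TRIPLES_A + _TRIPLES_B)

# Chunk size is a multiple of 3 so 3-byte patterns stay in phase
# from one chunk to the next.
CHUNK = 3 * 16384


def schedule():
    """Return the 35 passes: None marks a random pass, bytes a fixed pattern."""
    return [None] * 4 + FIXED + [None] * 4


def pass_data(pattern, size):
    """Bytes for one write: fresh random data, or the pattern repeated."""
    if pattern is None:
        return os.urandom(size)
    reps = size // len(pattern) + 1
    return (pattern * reps)[:size]


def wipe(path):
    """Overwrite path in place once per pass; return the number of passes."""
    size = os.path.getsize(path)
    passes = schedule()
    with open(path, "r+b") as f:
        for pattern in passes:
            f.seek(0)
            left = size
            while left:
                n = min(CHUNK, left)
                f.write(pass_data(pattern, n))
                left -= n
            # Push this pass to the device before starting the next one,
            # otherwise the page cache may merge passes into one write.
            f.flush()
            os.fsync(f.fileno())
    return len(passes)
```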