Secure Delete is a suite of tools for securely erasing files, directories, free disk space, swap space and RAM.

Secure Delete is a suite of tools for securely erasing files, directories, free disk space, swap space and RAM.

Quickstart: It's no secret that simply deleting a file does not physically remove it and it is usually quite easy to recover such data. What's more, file contents can be recovered even after they've been overwritten several times. For overwriting to be genuinely effective as an erasing method, the deleting utility must fulfil a number of conditions:

• the erasing procedure has to perform at least 38 overwriting cycles, including overwriting using 0xff bytes, random content and special values to hinder data recovery from MFM and RLL-encoded disks,

• the program has to shrink the file so its original disk blocks cannot be discovered,

• the filename must be changed to prevent data disclosure resulting from the original name being recovered,

• each write operation must end with the data being physically dumped to disk.

The Secure Delete utility suite offers all these features.

Let's say we want to erase a file called something.txt with maximum security (i.e. fulfilling all the above conditions):

$ srm something.txt

If we want to securely erase a directory called something along with all its contents, we'll need to use the -r switch:

$ srm -r something

To securely erase the swap partition assigned to device /dev/hda5:

# swapoff /dev/hda5

# sswap -v /dev/hda5

# swapon /dev/hda5

The -v (verbose) switch provides detailed information about the erasing process.

To securely erase all free space and all free i-nodes on partition /dev/hda3 with /home as the root directory:

# sfill -v /home/

RAM contents can often be recovered even after the system has been shut down, so we can securely erase our memory using:

# smem -v

Other useful features: The program offers many features unavailable in similar utilities, such as erasing free space (as demonstrated earlier using the sfill command) or erasing RAM contents. The source codes also include the rm.diff patch for the Linux version of the rm command (from the fileutils package) for integrating secure erasing into the standard command. The toolkit also includes source codes for a Linux kernel module, which � once compiled and loaded � will cause all erasing operations to be performed securely.

Disadvantages: Erasing large data blocks is very time-consuming. Integrating secure erasing into standard commands can seriously degrade system performance, especially for larger files. One way around this is to use a less secure method, with just 2 overwriting passes (enabled using the -l switch). Another issue is that some hard drives' cache controllers cannot be disabled, meaning that 38 write cycles can sometimes result in just one cycle being executed (the final one). The problem applies mainly to small files that fit in the internal disk cache.

 

Figure 1. Secure RAM erasing using Secure Delete

 

sum:

0 €