Bugtraq mailing list archives

Re: File "shredding"

From: Kurt Seifried <listuser () seifried org>
Date: Thu, 12 Oct 2000 14:32:15 -0600

The only way to be somewhat sure (high degree of confidence, oh yeah) is to
keep the file encrypted on the disk at all times and only decrypt it in
memory (which unfortunately also means swap partitions nowadays). OpenBSD
has such a beastie, and it is possible in other OS's. If you want to be
really paranoid you could have a program wipe swap as part of shutdown, one
option is http://wipe.sourceforge.net/. For example in Linux use swapoff,
then wipe the device(s) that had the swap partition.

From:
http://www.securityportal.com/research/cryptodocs/basic-book/

Chapter 10 - Encrypting files and drives in Linux, BSD, and other Unices
http://www.securityportal.com/research/cryptodocs/basic-book/chapter-10.html

I'd cut and paste it here but it's about 5 printed pages in a small font =).

Kurt Seifried - seifried () securityportal com
SecurityPortal, your focal point for security on the net
http://www.securityportal.com/

Current thread:

Shred 1.0 Bug Report Jeff Harlan (Oct 10)
- Re: Shred 1.0 Bug Report Guenther H. Leber (Oct 10)
  - Re: Shred 1.0 Bug Report Frank Wiles (Oct 11)
- Re: Shred 1.0 Bug Report M. Leo Cooper (Oct 11)
  - Re: Shred 1.0 Bug Report Wietse Venema (Oct 11)
    - Re: Shred 1.0 Bug Report Alfred Perlstein (Oct 12)
    - Re: Shred 1.0 Bug Report Mitchell Blank Jr (Oct 13)
    - Re: File "shredding" Kurt Seifried (Oct 13)
  - Re: Shred 1.0 Bug Report M. Leo Cooper (Oct 11)
  - Re: Shred 1.0 Bug Report Dan Kaminsky (Oct 12)