Lukas Z's Blog

Securely Deleting Files With Linux

I am sitting in front of a computer running Linux, full of files that need to be deleted securely.

Luckily, there’s a simple solution, shred.


$ cat file.txt
Nowhere am I so desperately needed as among a shipload of illogical humans.
  -- Mr. Spock

$ shred -vzn3 file.txt
shred: file.txt: pass 1/4 (random)...
shred: file.txt: pass 2/4 (random)...
shred: file.txt: pass 3/4 (random)...
shred: file.txt: pass 4/4 (000000)...

$ cat file.txt
$ hexedit file.txt
00000000   00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00  ....................
00000014   00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00  ....................
00000028   00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00  ....................
0000003C   00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00  00 00 00 00  ....................

So what shred does is overwrite the file n times with something random (actually it seems to use specific patterns that decrease the chance of recovery even more) before finally overwriting it with zeroes, due to the -z flag.

This is safe only as long as the filesystem actually overwrites the file in place, where it is stored.

Many filesystems do not, so the best solution is probably to use an encrypted filesystem and just rm the file eventually.
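
The filesystem caveat can be checked before shred is run. The wrapper below is an added example, not from the original post; the function names and the list of filesystem types are assumptions chosen for illustration, and the list is not exhaustive.

```bash
#!/usr/bin/env bash
# Added example: refuse to rely on shred when the file lives on a filesystem
# that writes new data to fresh blocks instead of over the old ones.
# Assumes GNU coreutils (df --output, shred).

# Print the filesystem type that holds "$1".
fs_type_of() {
    df --output=fstype -- "$1" 2>/dev/null | tail -n 1 | tr -d '[:space:]'
}

# Return 0 for types known to relocate writes (copy-on-write, log-structured,
# or layered), 1 for everything else. Illustrative list, not exhaustive.
relocates_writes() {
    case "$1" in
        btrfs|zfs|f2fs|nilfs2|overlay) return 0 ;;
        *) return 1 ;;
    esac
}

# shred_checked FILE
#   0  file was overwritten with the post's command (shred -vzn3)
#   1  refused: overwriting in place cannot be assumed on this filesystem
#   2  file missing or filesystem type could not be determined
shred_checked() {
    local file="$1" fstype
    [ -f "$file" ] || { echo "not a regular file: $file" >&2; return 2; }
    fstype=$(fs_type_of "$file")
    [ -n "$fstype" ] || { echo "cannot determine filesystem: $file" >&2; return 2; }
    if relocates_writes "$fstype"; then
        echo "refusing: $file is on $fstype; old blocks may survive" >&2
        return 1
    fi
    shred -vzn3 -- "$file"
}
```

A pass from this check only rules out the listed filesystem types; snapshots, backups and the storage device itself can still hold older copies of the data.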

Apparently on OSX there’s a special flag for rm that prompts a secure deletion. Don’t have my laptop with me now, though, so I can’t try it out.
