From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-dev+bounces-57626-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	by finch.gentoo.org (Postfix) with ESMTP id AE859138538
	for <garchives@archives.gentoo.org>; Fri, 18 Jan 2013 09:58:21 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 387C221C08F;
	Fri, 18 Jan 2013 09:58:17 +0000 (UTC)
Received: from mail-ie0-f174.google.com (mail-ie0-f174.google.com [209.85.223.174])
	(using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id 3C1F621C004
	for <gentoo-dev@lists.gentoo.org>; Fri, 18 Jan 2013 09:58:16 +0000 (UTC)
Received: by mail-ie0-f174.google.com with SMTP id k11so256010iea.5
        for <gentoo-dev@lists.gentoo.org>; Fri, 18 Jan 2013 01:58:15 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=dee.su; s=google;
        h=x-received:mime-version:in-reply-to:references:from:date:message-id
         :subject:to:content-type:content-transfer-encoding;
        bh=sNRAwF8ywXKSUARUXuzhhVLNvGLCoQpulmuoU0LvY+k=;
        b=cKI/19O1zAFCThoVjtZceIxoT7ZjTzjo2k1LoeEf0VFvGzYSBVxm1JAUSPyar/OQuN
         YhKSuZhkutmsm3qOsPOMBhR3oWs84RDX2p/lZ/jv/quljHbZYb2x37Ea9Wzoro+P7hNW
         1MzwSVfcGqSiZlLdIvjJt1bp/6rT1idFR2uJg=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20120113;
        h=x-received:mime-version:in-reply-to:references:from:date:message-id
         :subject:to:content-type:content-transfer-encoding
         :x-gm-message-state;
        bh=sNRAwF8ywXKSUARUXuzhhVLNvGLCoQpulmuoU0LvY+k=;
        b=bh8/3ES5a8cRrBVawVGL/msEwuq2Bw8FdCtTNUJ9b+oopSIvj2TxM4eXKF56IB0r6a
         qX9rQ2hM4/9r+M3wbMdgpQ1ahBubdzZgSH1Lk66rexF84xIxIBw4zz/Bt5JPPYBN5/yS
         V7ID5skwG56OSrdQKKTp3FX9Vyrc3DPaKaR7yqp+Tvo2O1jvSAq/u9HwmlOL/ndVbzRc
         ZVjgz2S/PiGW3Y48zF6yjPfeGOAyaMvDq9GvlUnAjdHKbTXYfpAr1bDgknS1YLTJ9DFz
         835U92Ge8X0LPum/rICgS9P46vP/TX/hojH95BXPh6/n3rt3Grpo+wNBiQQMKGfS/ua2
         XGpA==
X-Received: by 10.50.42.200 with SMTP id q8mr1460896igl.102.1358503095445;
 Fri, 18 Jan 2013 01:58:15 -0800 (PST)
Precedence: bulk
List-Post: <mailto:gentoo-dev@lists.gentoo.org>
List-Help: <mailto:gentoo-dev+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-dev+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-dev+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-dev.gentoo.org>
X-BeenThere: gentoo-dev@lists.gentoo.org
Reply-to: gentoo-dev@lists.gentoo.org
MIME-Version: 1.0
Received: by 10.43.134.68 with HTTP; Fri, 18 Jan 2013 01:57:45 -0800 (PST)
In-Reply-To: <slrnkfhiv0.aea.junk+usenet@shasta.marwnad.com>
References: <1358450490.4605.14.camel@belkin4> <CAHsXYDDkj6u1JCd3G2Azpb3iCOpOp8vctFvAi5LoiYZfgchdfQ@mail.gmail.com>
 <1358454846.4605.21.camel@belkin4> <CAHsXYDA52Rj3dXAfXmJ2VfV3kPxSdXDp=4bzT89aAZ7AAL0H6A@mail.gmail.com>
 <slrnkfh2p8.aea.junk+usenet@shasta.marwnad.com> <20130118035847.5359.qmail@stuge.se>
 <slrnkfhiv0.aea.junk+usenet@shasta.marwnad.com>
From: Maxim Kammerer <mk@dee.su>
Date: Fri, 18 Jan 2013 11:57:45 +0200
Message-ID: <CAHsXYDAKW25NR6wn4QOgz_OdtxooVvFNkLiLAjy__AskFdVZnA@mail.gmail.com>
Subject: Re: [gentoo-dev] Re: Lastrites: app-misc/secure-delete,
 app-misc/ccal, www-apache/mod_vhs, app-portage/epm, www-apps/online-bookmarks,
 sys-apps/i2c
To: gentoo-dev@lists.gentoo.org
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: quoted-printable
X-Gm-Message-State: ALoCoQn5DAQOpJBuODa2d5ujqioHRRWd4p26ehhR6/fcREgWht1KOcLDmDCSMUfoyPGgXDEeTLCJ
X-Archives-Salt: a29b4858-dfa7-4486-9877-6215deca8435
X-Archives-Hash: a6ae1d4151194eb5e23f2e9d37bdfb8b

On Fri, Jan 18, 2013 at 6:13 AM, Paul Arthur
<junk+usenet@flowerysong.com> wrote:
> Yes. This is the exact same issue secure-delete has, since it uses
> the same approach. shred is just as useful as srm (in fact it's more
> useful, since it doesn't mandate the full, useless run of 38 passes
> that srm does.)

"srm" doesn't mandate rewrites either.

Anyway, I actually forgot about "shred", so I remove my objection.
Other utilities in secure-delete are either simple wrappers of
rarely-used functionality ("sfill", "sswap"), or essentially useless
for modern kernels ("smem" =97 good luck clearing free RAM in userspace,
been there, tried that).

Some comments on replies in this thread:

1. Multiple rewrites are indeed useless for modern media, see [1].
2. So journal metadata is not cleared. BFD. If you need 100%
guarantees, drop media in acid.
3. Wear leveling on flash media is rarer than you think, and most
likely doesn't do what you think, see [2].
4. Wear leveling is irrelevant for the usual attack vectors, which is
a technician copying your naked gf photos. You need special hardware
to access hidden sectors. If you are worried about that, see (2).

[1] C. Wright et al., =93Overwriting Hard Drive Data: The Great Wiping
Controversy=94, http://dx.doi.org/10.1007/978-3-540-89862-7_21
[2] E. Gal and S. Toledo, =93Algorithms and Data Structures for Flash
Memories=94, http://dx.doi.org/10.1145/1089733.1089735

--=20
Maxim Kammerer
Libert=E9 Linux: http://dee.su/liberte