From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1NLFmK-0003P9-K5 for garchives@archives.gentoo.org; Thu, 17 Dec 2009 12:48:24 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 75EC2E0D62; Thu, 17 Dec 2009 12:47:25 +0000 (UTC) Received: from out1.smtp.messagingengine.com (out1.smtp.messagingengine.com [66.111.4.25]) by pigeon.gentoo.org (Postfix) with ESMTP id 5FAF8E0D62 for ; Thu, 17 Dec 2009 12:47:25 +0000 (UTC) Received: from compute2.internal (compute2.internal [10.202.2.42]) by gateway1.messagingengine.com (Postfix) with ESMTP id 3ABB9C56F4 for ; Thu, 17 Dec 2009 07:47:25 -0500 (EST) Received: from heartbeat2.messagingengine.com ([10.202.2.161]) by compute2.internal (MEProxy); Thu, 17 Dec 2009 07:47:25 -0500 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=messagingengine.com; h=subject:from:to:in-reply-to:references:content-type:date:message-id:mime-version:content-transfer-encoding; s=smtpout; bh=ui6jtfWgPPdingYD38nIHqwij8k=; b=ScImN2XfuOr/GigAY3AjEhDrEBu+uxIHH8c0JgGI1dY3Et/2+GDvJpiCwgyeUN4DbNgdDicJ8HzbXfYw+K9bJY0mQnPmwtOKuIrkqm3oWaPBXPixM3cdcZUTmFHGoGG8wxCJPiL48ivCQ1aQXjQ7256Pok5u7BMTU6j0GI4uyZA= X-Sasl-enc: NnMGSB2ZOk+mFQ6P+nrLOxH8kWSNr1ZwEphGgObleWnX 1261054044 Received: from [192.168.31.12] (cpe-069-134-183-088.nc.res.rr.com [69.134.183.88]) by www.fastmail.fm (Postfix) with ESMTPSA id E07F2F452 for ; Thu, 17 Dec 2009 07:47:24 -0500 (EST) Subject: Re: [gentoo-user] {OT} Preparing a laptop for sale From: Albert Hopkins To: gentoo-user@lists.gentoo.org In-Reply-To: <200912171142.41399.michaelkintzios@gmail.com> References: <49bf44f10912161049v3768a3f8m60dddbae4b8777b@mail.gmail.com> <4B299C27.4030306@gmail.com> <200912171142.41399.michaelkintzios@gmail.com> Content-Type: text/plain; charset="UTF-8" Date: Thu, 17 Dec 2009 07:47:23 -0500 Message-ID: <1261054043.5933.10.camel@centar> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org Mime-Version: 1.0 X-Mailer: Evolution 2.28.1 Content-Transfer-Encoding: 7bit X-Archives-Salt: 6bcb1fbb-4e83-4336-86a8-2abd19fbe8be X-Archives-Hash: b9b807c9f7fed0ff9e3cdccd561101dc On Thu, 2009-12-17 at 11:42 +0000, Mick wrote: > shred ... shreds files. Therefore you may need to point it to the > files in > question for it to work. I suspect that if you point it to a device > alone it > just shreds the file representing the device on the Linux fs in > question. No. This is horribly wrong. Please don't tell people this. The problem with just shredding files is thus: * I have a file with very sensitive data, it occupies blocks x-y on my hard drive. * I later delete that file, in the os it just get's unlinked(). If there are no more links to that file then it's considered deleted, however the data is still there. * Out of sheer "luck" blocks x-y are never reallocated. The data remains on that block. * I go to shred every file on the filesystem. Blocks x-y never get shredded because they are not linked to a file. * I give my laptop to someone. They run a tool as simple as formost(1) on the drive. Bingo! Sensitive data found. Your comment about shredding devices... how long have you been using *nix man? When you cat /dev/sda what do you get? When you "cat > /dev/sda" what do you get (please, don't try that)? When you run shred on a block device representing your hard drive.. it's just a file. Everything is a file (remember hearing that)? Shredding a drive will not shred the device node. Device nodes are empty anyway: $ ls -sH /dev/sda 0 /dev/sda So if you shred a drive and it takes days instead of microseconds you can rest assured that it's actually shredding the drive ;)