KBTAG: kben10000009
URL: http://www.securityportal.com/lskb/10000000/kben10000009.html
Date created: 13/03/2000
Date modified:
Date removed:
Authors(s): Kurt Seifried seifried@securityportal.com
Topic: Programs that let you securely delete
files and devices in Linux
Keywords: Filesystem, Users/Data
Deleting files does not actually destroy the files, it simply unlinks them. Even if the inode/etc are not known a determined attacker can retrieve files, usually quite easily from your magnetic media. In order to securely "delete" a file it is necessary to overwrite it multiple times with various bit patterns to remove all traces of it.
Several "secure delete" programs exist for Linux, and the GNU file-utils package should support secure deletion in the near future. They securely delete data by overwriting the file (or device) multiple times with various bit patterns, i.e. all 0s, then all 1s, then alternating 1s and 0s and so forth. If used on files remember that filenames, creation dates, permissions and so forth might be recoverable, so make sure you wipe the device if you absolutely must remove all traces of something (or use an encrypted filesystem).