secure-delete for Debian ------------------------ The original package and debian versions prio to 3.1-5 contained a utility called smem that wiped memory. This utility seems to be of limited use and clashes with another binary of the same name, it is therefore renamed to sdmem. The source for secure_delete contains a 2.4 kernel module that turns every call to unlink() into a secure remove, this module is not yet part of this package for technical reasons. if you need it please "apt_get source secure-delete" and build it yourself for now. Also note that securely wiping data from magnetic media is a difficult task and depends a lot on the filesystem in question (among other things). So there is no guarantee that this program will work in your configuration, but you can and should check for yourself by creating a loopback filesystem, mountig it and creating a file in it, then securely wiping it and grepping for it's contents in the loopback file: dd if=/dev/zero of=disk bs=4096 count=1024 mke2fs disk losetup /dev/loop0 disk mkdir test mount /dev/loop0 test cd test for ((i=0; i<10000; i++)) do echo "ofenrohr" >> file; done cd .. umount test losetup -d /dev/loop0 grep "ofenrohr" disk --> this should result in a "binary file disk matches" losetup /dev/loop0 disk mount /dev/loop0 test cd test srm file cd .. umount test losetup -d /dev/loop0 grep "ofenrohr" disk --> this should not find anything Please make sure you use the correct filesystem type and options during the mkfs! Another general problem of wiping data from disks is that most harddisks will occasionally mark a sector as "bad" and copy it's contents to a new location that the disk will pretend is at the original location. Since this is completely transparent, there is no way to access these sectors without touching the disks hardware. These sectors may then contain sensitive information that could be retrieved from the disk. If you want better security, use an encrypting filesystem (dm-crypt, loop-aes), and forget the key if you want to wipe it. -- Robert Lemmen , Thu, 29 Jan 2004 18:09:26 +0100