Tuesday, November 6, 2012

Secure Deletion of Data in Linux


At the base of these articles there is a simple fact: a simple rm of a file or deleting it via any file manager is not enough to really remove it from your hard disk.
If you really want to delete files from a computer you have to use more sophisticated commands, and in former articles we have seen:
Dban: Darik’s Boot and Nuke (commonly known as DBAN) is an open source project hosted on SourceForge. The program is designed to securely erase a hard disk until data is permanently removed and no longer recoverable, which is achieved by overwriting the data with random numbers generated by Mersenne twister or ISAAC (a PRNG).
Shred : Overwrites the specified FILE(s) repeatedly, in order to make it harder for even very expensive hardware probing to recover the data.
Wipe : Wipe is a secure file wiping utility.
Today we’ll take a look at the package secure-delete that contains some useful programs to delete in a safer way files, memory, free space and/or the Swap space.

To install the Secure-Delete tools in Debian, Ubuntu and Mint run in a terminal:
sudo apt-get install secure-delete
The package should be availabe also in other distributions, check your package manager searching for secure-delete or srm, or if not available you can take the package source from sourceforge
The Secure-Delete package comes with four commands:
  • srm Secure remove; used for deleting files or directories currently on your hard disk;
  • smem Secure memory wiper; used to wipe traces of data from your computer’s memory (RAM);
  • sfill Secure free space wiper; used to wipe all traces of data from the free space on your disk;
  • sswap Secure swap wiper; used to wipe all traces of data from your swap partition.


SRM is designed to delete data on mediums in a secure manner which can not be recovered by thiefs, law enforcement or other threats. The wipe algorythm is based on the paper “Secure Deletion of Data from Magnetic and Solid-State Memory” presented at the 6th Usenix security Symposium by Peter Gutmann, one of the leading civilian cryptographers.
The secure data deletion process of srm goes like this:
  1. 1 pass with 0xff
  2. 5 random passes. /dev/urandom is used for a secure RNG if available.
  3. 27 passes with special values defined by Peter Gutmann.
  4. 5 random passes. /dev/urandom is used for a secure RNG if available.
  5. Truncate the file
As an additional measure of security, the file is opened in O_SYNC mode and after each pass an fsync() call is done.
srm writes 32k blocks for the purpose of speed, filling buffers of disk caches to force them to flush and overwriting old data which belonged to the file.
Srm options:
  • -d ignore the two special dot files . and .. on the commandline. (so you can execute it like “srm -d .* *”)
  • -f fast (and insecure mode): no /dev/urandom, no synchronize mode.
  • -l lessens the security. Only two passes are written: one mode with 0xff and a final mode random values.
  • -l -l for a second time lessons the security even more: only one random pass is written.
  • -r recursive mode, deletes all subdirectories.
  • -v verbose mode
  • -z wipes the last write with zeros instead of random data
Some exampels with srm:
1) Delete a file using srm
#srm /tmp/myfile.txt
2) Delete a directory using srm
#srm -r /tmp/mydir/

The other tools of the suite

smem is designed to delete data which may lie still in your memory (RAM) in a secure manner. Note that with the new SDRAMs, data will not wither away when you turn off the computer but will be kept static and this can enable cold boot attacks
sfill is designed to delete data which lies on available diskspace on mediums in a secure manner
sswap is designed to delete data which may lie still on your swapspace in a secure manner


Please, when using these tools keep in mind that they add some security but they don’t guarantee that the data will not be recovered, about this wikipedia says:
The US government recommends complete physical destruction of hard disk data surfaces to guarantee secure data erasure. Presumably, this can be accomplished by abrasion, or by a small amount of thermite ignited over a large, well-ventilated pot containing sand.

No comments:

Post a Comment