SHRED for EXT3?

Damian Menscher menscher at uiuc.edu
Thu Jul 28 00:16:49 UTC 2005 

On Wed, 27 Jul 2005, Mike McCarty wrote:
> Damian Menscher wrote:
>> On Wed, 27 Jul 2005, Michael Hennebry wrote:
>> 
>>> I think something like this will come close.
>>> 
>>> lots of random writes
>>> tune2fs -O ^has_journal device
>>> shred shreddees
>>> tune2fs -O  has_journal device
>> 
>> My first thought when seeing this thread a few days ago was:
>>    remount as ext2; shred files; remount as ext3
>> I'm fairly certain that meets DoD standards.
>
> DOD standard is probably beyond what I need. Umm, how
> does one unmount/remount one's root?

Simplest method: modify your /etc/fstab to say ext2 instead of ext3, 
then reboot.  It will then mount it without using the journal.  (The 
method the other poster gave, of using tune2fs to remove the journal, 
may or may not work on an ext3 filesystem mounted read/write.)  After 
you've wiped the data, change /etc/fstab back to ext3 and reboot.

>> Not sure why there's so much discussion here....
>
> I think it's because there is a significant issue, and not much
> real information.

Not much information here, perhaps.  But there was a good discussion on 
it on bugtraq just last week.

>> BTW, you will be amused to hear I wiped a drive for someone a few years ago 
>> via the (wipe|shred) /dev/hda method.  25 passes of patterns and random 
>> data.  No way any government could get that data back.  Doubtful 
>
> Presumably, you have never heard of the Watergate Tapes and the
> "erased" tapes which were later recovered.

Accidental erasure with a single pass with non-random data to cover a 
signal that is highly redundant is hardly a comparison.  DoD standards 
specify 7 passes (various patterns) to eliminate confidential data.  The 
state of Illinois requires 10 passes (they're just being silly).  I'm 
quite certain that 25 passes is extreme overkill.  A single pass will 
make the data unrecoverable to anyone with less than a few thousand 
dollars.  Two passes will make it unrecoverable to those with less than 
$10,000.  Three passes probably puts it at the NSA level.  Anything 
beyond that is probably a waste of time.

> As I pointed out earlier, *my* interest is (almost) purely ethical.

How much is their data worth?  Probably not that much, or they wouldn't 
have let you take it home.  So delete it to the point that it would no 
longer pay to recover it.  If it is no longer worth recovering, it has 
been effectively deleted.

Damian Menscher
-- 
-=#| Physics Grad Student & SysAdmin @ U Illinois Urbana-Champaign |#=-
-=#| 488 LLP, 1110 W. Green St, Urbana, IL 61801 Ofc:(217)333-0038 |#=-
-=#| 4602 Beckman, VMIL/MS, Imaging Technology Group:(217)244-3074 |#=-
-=#| <menscher at uiuc.edu> www.uiuc.edu/~menscher/ Fax:(217)333-9819 |#=-
-=#| The above opinions are not necessarily those of my employers. |#=-

More information about the fedora-list mailing list