"secure" file flag?
wes at softweyr.com
Fri Nov 28 00:14:51 PST 2003
On Monday 24 November 2003 10:24 pm, Poul-Henning Kamp wrote:
> In message <20031124235738.GA4107 at StefanEsser.FreeBSD.org>, Stefan
> >And that is what this thread is about: Secure removal of data from
> >storage media. There definitely is a difference between RLL (as in
> >1,7i RLL) and modern PRML drives under this aspect.
> No there isn't.
> It's been proven again and again that you cannot reliably overwrite
> data on a magnetic media. In particular the difference in read/write
> geometry and lack of fine control over head placement makes this
> The only reliable way to loose data is to encrypt them and throw the
> key away.
This is the conclusion I came to after pushing the idea around for months.
If you want an interesting problem to work on, come up with a solution to
the keying problem for disk encryption. It somehow needs to allow
automated, unattended reboots during "normal" operations but prevent
attackers from compromising the system. Maybe you could have the system
send an SMS message when it needs a key, you reply with a one-time key
from your mobile phone?
While you're in there, paint that bikeshed blue.
Where am I, and what am I doing in this handbasket?
Wes Peters wes at softweyr.com
More information about the freebsd-hackers