gbde blackening feature - how can on disk keys be "destroyed"
phk at phk.freebsd.dk
Sat Sep 4 01:03:36 PDT 2004
In message <200409032243.i83MhuA02066 at puffin.ebi.ac.uk>, David Kreil writes:
>>From what I can see so far, they are simply overwritten with zeros - is that
>right? If so, the blackening feature would be much weakend, as once can read
>up to 20 layers of data even under random data (and more under zeros). I would
>be most grateful for comments, or suggestions of where/how one could extend
>the code to do a secure wip of the key areas. Also, I know practically nothing
>of how I could to best get FreeBSD to physically write to disk
>(configurability of hardware cache etc permitting).
On a modern disk there is no sequence of writes that will guarantee
you that your data is iretriveable lost.
Even if you rewrite a thousand times, you cannot guard yourself against
the sector being replaced by a bad block spare after the first write.
If your threat-analysis indicates this is a serious threat for you,
you should arrange for simple physical destruction of your disk to
Most modern disks have one or more holes in the metal only covered
by a metalic sticker. Pouring sulfuric acid through those openings
is a good start.
Poul-Henning Kamp | UNIX since Zilog Zeus 3.20
phk at FreeBSD.ORG | TCP/IP since RFC 956
FreeBSD committer | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.
More information about the freebsd-fs