- security News Forums
- > Secure deletion: a single overwrite will...
- > Re: True...but...
Posting 
Thread - Reply
- New Topic
- Hide Thread
Re: True...but... 15 March 2009 15:39
I think the more interesting angle of this article is that the
research shows that it is relatively inexpensive to securely erase
data from a system compared to the technique employed by most
software.
Sure it can't get all blocks on disk, especially if it couldn't write
to all of them in the first place or if a block has become become
flagged as bad, but like the dd technique this approach is only
suitable for when drives (and machines) are being re-purposed or
re-assigned.
If it is relatively inexpensive to erase data, then have the file
system track recently freed unclean blocks, and only hand out cleaned
(zeroed) blocks. Then zero out freed blocks during idle time.
Wouldn't this make for a far more secure system at any given time for
a low overhead?
There would be a performance cost, but for all but the most heavily
used systems or those with little free space, there should be enough
idle time and "cleaned" free space to keep ahead of the demand. [My
only concern would be the extra wear on SSD devices]
-
-
15 Mar 2009 15:39Craig
Re: True...but...
-
- Posting
- Thread
- Reply
- New Topic
- Hide Thread
- Threaded View
- Flat View
