shredding files on a flash drive
Anthony de Boer
adb-tlug-AbAJl/g/NLXk1uMJSBkQmQ at public.gmane.org
Fri Jan 18 04:55:23 UTC 2008
D. Hugh Redelmeier wrote:
> That got me thinking. I would like to remove those files from the USB
> device. How can I do that? As I understand it, flash memory devices
> use "wear leveling". I think that this is done by always writing to a
> new physical flash block, leaving the old physical block fallow until
> its turn comes.
>
> This means that shred(1) won't do the job ...
Quite likely yes, though there's a chance someone would have to interface
to the underlying flash device and couldn't get at it through normal
"undelete" utilities. I presume data-recovery services can do things
that we normal folk can't.
I won't assume there's only one implementation out there, or that they
won't come out with more, so anything they *may* do is an issue, and
one can't rely on a safe-delete process on one being safe on others.
> Any recommendation? Perhaps one should never consider a flash device
> cleaned.
There's a good chance that if you fill the thing right up with some of
/dev/urandom, it has to use all of its blocks for that and you ought to
get a fair level of confidence that older deleted blocks are overwritten.
Spare blocks (to replace bad ones) could still be an issue, especially if
they're part of the wear-levelling rotation already.
Always encrypting confidential information onto physical media would be
a definite answer.
Depending on the consequences of the data falling into the wrong hands,
you may not ever be able to declassify media that's had secret or
confidential information on it in the clear. I've heard that the
Pentagon sends its broken hard drives to a nearby Army base for a date
with some thermite, to melt them right down to slag. At a previous
employer, our broken drives had a date with a cold chisel and a two-pound
hammer to punch through the platters a time or two.
--
Anthony de Boer
--
The Toronto Linux Users Group. Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
More information about the Legacy
mailing list