On Thu, 2009-12-17 at 11:42 +0000, Mick wrote:
> shred ... shreds files. Therefore you may need to point it to the files in
> question for it to work. I suspect that if you point it to a device alone it
> just shreds the file representing the device on the Linux fs in question.

No. This is horribly wrong. Please don't tell people this. The problem with just shredding files is thus:

* I have a file with very sensitive data, it occupies blocks x-y on my hard drive.
* I later delete that file, in the os it just gets unlinked(). If there are no more links to that file then it's considered deleted, however the data is still there.
* Out of sheer "luck" blocks x-y are never reallocated. The data remains on that block.
* I go to shred every file on the filesystem. Blocks x-y never get shredded because they are not linked to a file.
* I give my laptop to someone. They run a tool as simple as foremost(1) on the drive. Bingo! Sensitive data found.

Your comment about shredding devices... how long have you been using *nix man? When you cat /dev/sda what do you get? When you "cat > /dev/sda" what do you get (please, don't try that)? When you run shred on a block device representing your hard drive.. it's just a file. Everything is a file (remember hearing that)? Shredding a drive will not shred the device node. Device nodes are empty anyway:

$ ls -sH /dev/sda
0 /dev/sda

So if you shred a drive and it takes days instead of microseconds you can rest assured that it's actually shredding the drive ;)
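
The file-versus-device point in the message above, as an added example that is not part of the original post: a toy in-memory model of a disk in which shredding every linked file leaves an unlinked file's blocks readable on the raw device, while overwriting the whole device does not. The `ToyDisk` class, the block size and the sample strings are all constructed for illustration and do not model any real filesystem.

```python
import os

BLOCK = 16  # toy block size in bytes (constructed for this example)

class ToyDisk:
    """Toy model: a raw 'device' plus a table linking file names to blocks."""
    def __init__(self, nblocks):
        self.raw = bytearray(BLOCK * nblocks)   # what the block device exposes
        self.files = {}                         # name -> list of block numbers
        self.free = list(range(nblocks))        # unallocated block numbers

    def write(self, name, data):
        blocks = []
        for off in range(0, len(data), BLOCK):
            b = self.free.pop(0)
            chunk = data[off:off + BLOCK].ljust(BLOCK, b"\0")
            self.raw[b * BLOCK:(b + 1) * BLOCK] = chunk
            blocks.append(b)
        self.files[name] = blocks

    def unlink(self, name):
        # Like unlink(): drop the name, release the blocks, leave the data alone.
        self.free.extend(self.files.pop(name))

    def shred_files(self):
        # "Shred every file": only blocks still linked to a name are overwritten.
        for blocks in self.files.values():
            for b in blocks:
                self.raw[b * BLOCK:(b + 1) * BLOCK] = os.urandom(BLOCK)

    def shred_device(self):
        # Shred the block device itself: every block, linked or not.
        self.raw[:] = os.urandom(len(self.raw))

def demo():
    secret = b"SECRET-0123456789-SECRET"        # constructed sample data
    disk = ToyDisk(nblocks=8)
    disk.write("notes.txt", b"nothing sensitive here")
    disk.write("secret.txt", secret)
    disk.unlink("secret.txt")                   # "deleted", blocks never reused
    disk.shred_files()
    after_file_shred = secret[:BLOCK] in disk.raw    # scan of the raw device
    disk.shred_device()
    after_device_shred = secret[:BLOCK] in disk.raw
    return after_file_shred, after_device_shred

if __name__ == "__main__":
    print(demo())
```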