>> I have a trivial number of records that are stored as PGP
>> encrypted text, and a larger number that have been made, PGP
>> encrypted, and mailed to where they are stored as plain text.
>
> Just out of interest, how do you securely delete the plain text records
> >from the source system
> after they have been dispatched in encrypted form? By "secure deletion"
> I mean deletion which can't be trivially undone. In many instances, the
PGP has the option to -wipe the source file. Also, there are numerous
utilities around claiming to wipe file content in a more or less efficient
way.
The basic principle is to overwrite the file content before
deleting it's filesystem metadata. Usually the file is overwritten
several times, often with varying patterns. Depending on how well
the patterns are chosen for a given media (according to data encoding
schemes) more or less residue will stay behind. There is (supposedly)
a DoD standard (5220.22-M) for this.
However, even after overwriting several times with ideal patterns
traces remain on disk due to tiny misalignments of the write heads
during successive writes of the same area (the margins of magnetic
tracks do not necessarily perfectly cancel out each other). Of course,
you'd need military-grade equipment to retrieve those traces.
There was an excellent article about this issue back in 1996.
(http://wipe.sourceforge.net/secure_del.html - also find this
link under Reading Material/Security in the OIO Project Library
at www.txoutcome.org/scripts/zope/library)
Regards,
Karsten
--
GPG key ID E4071346 @ certserver.pgp.org
E167 67FD A291 2BEA 73BD 4537 78B9 A9F9 E407 1346
