Re: file shredding tools

["Derek Atkins" <user=54@nabble.blu.org>]

 "Ben Holland" <[hidden email]> writes: 

> So then the program would basically have to keep track of how many times the 
> actual file was stored as well as all locations at all times. Wouldn't this 
> kinda overhead be huge? ~Ben 
> 
> On Thu, Apr 17, 2008 at 12:19 PM, Derek Atkins <[hidden email]> wrote: 
> 
[snip] 
>     The same is true of backups....  I don't consider an offline disk 
>     to be that significantly different than a backup. 

Yes.  Exactly.  Which is why you need to think hard about what 
it means to wipe a file.  If you really want to make sure it's 
dead you should start with an encrypted partition, using something 
like PGP Virtual Disk or an encrypted loopback mountpoint or something 
where the data on disk is always encrypted and there is no unencrypted 
data ever on disk or backup. 

It all depends on your threat model.  We could spend days talking 
about threat models.  Indeed, half my jobs is dealing with threat 
models.  And I suspect that if I ever finished my PhD my thesis 
would be on threat models..  It's just how I always think about 
the problem.  *shrugs* 

-derek 
-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory 
       Member, MIT Student Information Processing Board  (SIPB) 
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH 
       [hidden email]                        PGP key available 

-- 
This message has been scanned for viruses and 
dangerous content by MailScanner, and is 
believed to be clean. 

_______________________________________________ 
Discuss mailing list 
[hidden email] 
http://lists.blu.org/mailman/listinfo/discuss