securely overwrite files with Python

Paul Rubin http
Fri Mar 5 22:07:22 EST 2004


Thomas Bellman <bellman at lysator.liu.se> writes:
> A file system that moves around files when you overwrite them,
> will only move the data blocks, not the inode.  The inode will
> stay the same, and in the same position on the storage device.

If the old blocks get moved to new by copying them and then updating
the block pointers in place, it may be impossible to find the old
blocks by normal means to overwrite them.  But data recovery could
still find them, so you haven't securely deleted the file by
overwriting just the new blocks.

There's really no way to securely delete info from a hard drive.  The
best you can do is encrypt the data so only ciphertext is stored.
Then if you manage to securely destroy the decryption key (a much
smaller piece of data than the whole file), the file is unrecoverable.
In fact you only need enough securely erasable media to hold one key,
and still be able to maintain destroyable keys for any number N of
files, where securely erasing a file takes O(log N) operations.  I
have a Usenet post with further details and a pointer to some Python
code at:

http://www.google.com/groups?selm=7xr8hsfsak.fsf_-_%40ruckus.brouhaha.com
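
The scheme described in the post above, as an added example that is not part of the original post and is not the code the post links to. It assumes one construction that fits the description, a binary tree of keys in which each key is stored on ordinary disk wrapped under its parent's key and only the root key sits in erasable storage; KeyTree, wrap, file_key and erase are hypothetical names, and the HMAC-XOR wrap is a stand-in for a real authenticated key wrap.

```python
import hashlib, hmac, os

def wrap(parent_key: bytes, node: int, key: bytes) -> bytes:
    # Stand-in key wrap (assumption): XOR with HMAC-SHA256(parent_key, node index).
    # A real system would use an authenticated key wrap such as AES-KW.
    pad = hmac.new(parent_key, node.to_bytes(8, "big"), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(key, pad))

unwrap = wrap  # XOR is its own inverse

class KeyTree:
    """Complete binary tree of 32-byte keys, heap-indexed (root = node 1)."""

    def __init__(self, n_files: int):
        if n_files < 2 or n_files & (n_files - 1):
            raise ValueError("n_files must be a power of two")
        self.n = n_files
        keys = {i: os.urandom(32) for i in range(1, 2 * n_files)}
        self.erasable_root = keys[1]  # the only secret kept in erasable storage
        # Ordinary disk: every other key is stored only wrapped under its parent.
        self.disk = {i: wrap(keys[i // 2], i, keys[i]) for i in range(2, 2 * n_files)}

    def _path_keys(self, leaf: int) -> dict:
        """Unwrap from the root down to leaf; returns {node: key} for the path."""
        path = [leaf >> s for s in range(leaf.bit_length() - 1, -1, -1)]
        keys = {1: self.erasable_root}
        for node in path[1:]:
            keys[node] = unwrap(keys[node // 2], node, self.disk[node])
        return keys

    def file_key(self, file_no: int) -> bytes:
        leaf = self.n + file_no
        return self._path_keys(leaf)[leaf]

    def erase(self, file_no: int) -> int:
        """Destroy file_no's key; returns the number of wrap operations used."""
        old = self._path_keys(self.n + file_no)
        new = {node: os.urandom(32) for node in old}  # fresh key for each path node
        wraps = 0
        for node in sorted(old)[:-1]:                 # path nodes above the leaf
            for child in (2 * node, 2 * node + 1):
                # On-path child gets its fresh key; the sibling keeps its key
                # and is only re-wrapped under the new parent key.
                child_key = new[child] if child in new else unwrap(
                    old[node], child, self.disk[child])
                self.disk[child] = wrap(new[node], child, child_key)
                wraps += 1
        self.erasable_root = new[1]  # overwriting this is the one secure erase
        return wraps
```

Old wrapped values left behind on disk are useless once the old root is gone, because every key above the erased leaf was replaced; the leaf slot ends up holding a fresh key and can be reused for a new file.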


