[Tutor] Working with memory in Python? (fwd)

[Magnus Lycka]

At 14:06 2002-12-07 -0800, Danny Yoo wrote:
>For a simple shredder, I think you can use open() to open up the target
>file, and write() to scribble all over it.  You can then rewind the file
>by using seek() and then repeat this a few dozen times.  However, I am not
>a security person, so perhaps there may be some complications involved!

Neither am I, but I can think of some...

If you ever opened and read the file, parts of it might
be left in a swap file / partition on the disk...

If you ever defragmented the disk, some file blocks that
used to be used by this file might now be "unused", still
containing parts of your files. Even if these blocks are
overwritten by other files, they aren't overeritten in
military grade ways...

Even if you don't defrag your disk, I imagine that if the
file gets smaller at some point of editing, the blocks no
longer used can be claimed by other files but not cleaned
from your sensitive content in a safe way.

If you edit the sensitive file with some program that keeps
temporary backup files, you will have disk blocks with your
sensitive data in places outside your file.

I think you can safely shred a dick if you just grind it
into small enough pieces, but seriously, if you get rid of
a computer that used to contain sensitive data, at least
run some shredding software that overwrites the whole disk
several times. Erasing single files can't possibly be safe.

Rule 1. Keep your secrets away from computers.

Rule 2. If you can't follow Rule 1, make sure your
computer is not networked, and that it's physically
secure.

Rule 3. There is no Rule 3. ;)


-- 
Magnus Lycka, Thinkware AB
Alvans vag 99, SE-907 50 UMEA, SWEDEN
phone: int+46 70 582 80 65, fax: int+46 70 612 80 65
http://www.thinkware.se/  mailto:magnus@thinkware.se