From owner-freebsd-security  Fri Nov 19  1:48:11 1999
Delivered-To: freebsd-security@freebsd.org
Received: from pollux.sdata.de (pollux.sdata.de [193.30.133.37])
	by hub.freebsd.org (Postfix) with ESMTP id 71D2315206
	for <freebsd-security@FreeBSD.ORG>; Fri, 19 Nov 1999 01:48:06 -0800 (PST)
	(envelope-from cs@sdata.de)
Received: from sdata.de (vega.sdata.de [193.30.133.36])
	by pollux.sdata.de (8.9.3/8.9.3) with ESMTP id KAA38438;
	Fri, 19 Nov 1999 10:47:58 +0100 (CET)
	(envelope-from cs@sdata.de)
Message-ID: <38351CCD.D2800B0@sdata.de>
Date: Fri, 19 Nov 1999 10:47:57 +0100
From: Christoph Splittgerber <cs@sdata.de>
Organization: sdata - C. Splittgerber Datentechnik
X-Mailer: Mozilla 4.7 [en] (X11; I; FreeBSD 3.2-STABLE i386)
X-Accept-Language: de, en
MIME-Version: 1.0
To: Barrett Richardson <barrett@phoenix.aye.net>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: secure filesystem wiping
References: <Pine.BSF.4.01.9911182331400.18537-100000@phoenix.aye.net>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Barrett Richardson wrote:

> How about pseudo-random data? Aren't the passes with random data just
> a little extra icing?
> 

See also documentation for the -w (wipe) option of pgp (release 2.6.x).
The idea is that, if you can guess the pattern which is used for
overwriting, which is the case if one can guess the seed for your pseudo
random data, it's not worth too much. I think it all boils down to 1)
How predictable is your seed 2) How many bits are used for seeding.

Christoph


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message