From owner-freebsd-questions@freebsd.org Mon Jul 10 08:06:15 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 79833DA06C0 for ; Mon, 10 Jul 2017 08:06:15 +0000 (UTC) (envelope-from 4250.10.freebsd-questions=freebsd.org@email-od.com) Received: from bca5.email-od.com (bca5.email-od.com [207.246.239.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3F2087FE8D for ; Mon, 10 Jul 2017 08:06:14 +0000 (UTC) (envelope-from 4250.10.freebsd-questions=freebsd.org@email-od.com) DKIM-Signature: v=1; a=rsa-sha256; d=email-od.com;i=@email-od.com;s=dkim; c=relaxed/relaxed; q=dns/txt; t=1499673967; x=1502265967; h=x-thread-info:date:from:to:cc:subject:message-id:in-reply-to:references:mime-version:content-type:content-transfer-encoding; bh=6WpnIts673QzJXg8MoIny8sAw/ZE4JCg6WV+aWzzcws=; b=FwZ2mm/hF87IUG9X/rPVvzG/QFXzAOHtCcPamkaZjWov5BnkDg3vHVu23Xfj5luHdfJ1UrOGGxHjFtypy2m3o/DwiC5g4xNUTDv8fnpi4BKffseJ/7QcJmsC2LZt4T1X4RO2QnnBbGzpWhjIaAvYlevQx3tDefiZB62afAfNZak= X-Thread-Info: NDI1MC4xMi5kNzAwMDAwMDUwMjkxMi5mcmVlYnNkLXF1ZXN0aW9ucz1mcmVlYnNkLm9yZw== Received: from r3.us-west-2a.aws.in.socketlabs.com (r3.us-west-2a.aws.in.socketlabs.com [54.187.94.11]) by bca2.email-od.com with ESMTP(version=Tls12 cipher=Aes256 bits=256); Mon, 10 Jul 2017 04:05:55 -0400 Received: from smtp.lan.sohara.org (EMTPY [89.127.62.20]) by r3.us-west-2a.aws.in.socketlabs.com with ESMTP(version=Tls12 cipher=Aes256 bits=256); Mon, 10 Jul 2017 04:06:02 -0400 Received: from [192.168.63.1] (helo=steve.lan.sohara.org) by smtp.lan.sohara.org with smtp (Exim 4.89 (FreeBSD)) (envelope-from ) id 1dUTib-0009TR-9h; Mon, 10 Jul 2017 08:06:57 +0000 Date: Mon, 10 Jul 2017 09:05:47 +0100 From: Steve O'Hara-Smith To: freebsd-questions@freebsd.org Cc: Matthias Apitz Subject: Re: Unusual Question Message-Id: <20170710090547.15ee3afc07c09955ba621ae1@sohara.org> In-Reply-To: <20170710052228.GA2338@c720-r314251> References: <888578F8-AD68-4993-823C-152789F3C929@mail.sermon-archive.info> <52627.76.193.16.95.1499645892.squirrel@cosmo.uchicago.edu> <20170710052228.GA2338@c720-r314251> X-Mailer: Sylpheed 3.5.1 (GTK+ 2.24.31; amd64-portbld-freebsd10.3) X-Clacks-Overhead: "GNU Terry Pratchett" Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 10 Jul 2017 08:06:15 -0000 On Mon, 10 Jul 2017 07:22:28 +0200 Matthias Apitz wrote: > I do not think that this approach worked in the sense of overwriting all > blocks of the disk. While walking through at some point the kernel will I see no reason why it shouldn't, provided the dd process doing the work never needs to swap anything in (likely it's small and running a tight loop). > miss sectors of the disk, for example of memory mapped files of shared > libs of other running processes or swapped out memory to disk. And the The sectors are still there, just filled with 0s or random data the kernel will have no trouble reading them. > kernel will just crash or halt and you will notice that as terminating The kernel will not crash or halt, processes will if they have to page in corrupted data but that's all. Processes that don't page in anything will just carry on running - if they don't read the disc they'll never know it's been overwritten. > ssh session. Unless sshd has to page something in it won't crash. > Do not rely on the fact that the (sensitive) information on > the disk was overwritten. I see no reason to expect that the dd process won't finish clearing the disk and exit normally. > The only secure way is doing this from a system > running on some other disk and even this would allow to recover > information with forensic tools reading beside of the tracks. Only > physical destruction will help, for example burning the thing, as you > said. Sure, but absent a motive to spend the money forensic data analysis costs writing 0s or random numbers over the whole drive will do fine. If you fear forensic analysis then use thermite. -- Steve O'Hara-Smith