Re: File Deletion Question
From: Alun Jones (alun@texis.com)Date: 02/28/02
- Next message: Alun Jones: "Re: File Deletion Question"
- Previous message: Rick Kuhn: "Economic Impact of NIST Role Based Access Control Research - report available"
- In reply to: PeterD: "File Deletion Question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: alun@texis.com (Alun Jones) Date: Thu, 28 Feb 2002 15:39:24 GMT
In article <cc962e44.0202250042.4b4cc4ad@posting.google.com>,
pdellys@yahoo.com.au (PeterD) wrote:
>I'm no expert on cryptography, but can someone tell me why no Windows
>O/S has the optional capability to securely delate files? If utilities
>can securely delete and wipe swap files with randomized integers in
>multiple passes, why can't the O/S do this too? Perhaps it could be an
>install option.
>
>I'm sure there's a simple answer.
Probably because most users of the operating system don't need it to do this.
Preventing physical access to the system is one of the keys of most operating
systems' approaches to security.
"Securely" deleting files takes time. Most of the time when a file is
deleted, it is simply marked in the directory table as "deleted", and the
blocks that made it up are added to the free list. This can be done in one or
two accesses of small areas of the disk, whereas "secure" erasure requires
several re-writes of the entire area that the file contained. A file that
might take milliseconds to erase normally could take seconds to 'securely'
erase. Therefore it's generally reserved only for those most secure of
environments where there is a strong belief that physical access may be made
to the system. And in such places, as has been pointed out earlier, it's more
appropriate to encrypt the file system in the first place, such that the
recovered data is of little to no use.
Note that I put "securely" in quotes. Writing and re-writing the disk goes
some way to making it harder to recover old data. It doesn't make it
impossible. I rather like the analogy of a rubber stamp, used by someone else
here recently - you can over-stamp something, and the new stamp is more
readable, but you can still make out faintly what was underneath. Each time
you overwrite, you make the underlying image fainter and fainter, but with
physical access to the disk, and a great deal of time and money, old data can
be re-fetched.
If you want to be sure of secure erasure of your files, you'll need to do
something that physically destroys the disk. Sacrificing it to Pele(*) is a
good move.
Alun.
~~~~
(*) No, not the famed Brazilian football player.
[Note that answers to questions in newsgroups are not generally
invitations to contact me personally for help in the future.]
-- Texas Imperial Software | Try WFTPD, the Windows FTP Server. Find us at 1602 Harvest Moon Place | http://www.wftpd.com or email alun@texis.com Cedar Park TX 78613-1419 | VISA/MC accepted. NT-based sites, be sure to Fax/Voice +1(512)258-9858 | read details of WFTPD Pro for NT.
- Next message: Alun Jones: "Re: File Deletion Question"
- Previous message: Rick Kuhn: "Economic Impact of NIST Role Based Access Control Research - report available"
- In reply to: PeterD: "File Deletion Question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
