In the effort to learn python and/or ruby, I was wondering how a file shredder would be implemented? I would like it to take in a file as an argument and then employ an algorithm to make that file unrecoverable. Would possibly add the support for multiple files or even whole directories later.
+1
A:
Just as a warning, shredders generally will have varying levels of success on modern systems, thanks to journals, copy-on-write file systems, wear leveling (flash), and other techniques used in modern system. Might wanna check out wikipedia on some of the pitfalls.
In short, you'd need to be able to write directly on top of the currently existing data. There's a few different patterns of varying levels of security, but often if you overwrite the file about 25 times with random data (rounding up to the next block size) the file should be completely unrecoverable (at least that copy of the data). There are other techniques that can securely overwrite it in less passes (3 passes, random, ones, then zeros also works decently well).
Kitsune
2010-05-03 15:00:09
With newer hard drives, even one overwrite with random data is enough to kill any software-based recovery scheme and to make hardware-based recovery rather tough. Of course, modern systems tend to do crazy things that prevent that overwrite from really happening. E.g. Windows has shadow copies of files that it keeps for who knows how long. Since they tend to be partially based on time, overwriting a file will have no effect no matter how many times you do so. Hardware based wiping is usually pretty reliable, though that gets rid of ALL data; it's not selective.
Brian
2010-05-03 15:08:29
Ok, so how would i overwrite a file at its current location?
2010-05-03 15:46:54
@pmilb21, you missed the point. You can't overwrite a file at its current location with a modern file system. The only way to shred data is to unmount the disk open it as a block device and shred its entire contents.
mikerobi
2010-05-03 16:51:33
2010-05-03 17:08:49
@Brian, yep, forgot to mention about that. @pmilb21, At best, they'll overwrite the current contents of the file (if using low level access), but they won't be able to do anything about indexed, cached, and prior copies laying around on the disk in space currently marked 'free'. You can defeat simple 'undelete' programs, but the more complicated ones and criminal forensic techniques will search in a multitude of ways in an attempt to rebuild the file.
Kitsune
2010-05-03 20:04:27
A:
Since this is a learning exercise and not a professional attempt to secure data. How about this: 1. Discover the length of the file. 2. Write 0's to the same length of the file. 3. Save the file. 4. Delete the file.
Then make another program that tries to recover the file.
But yes, if looking to make something professional and not just an exercise, look into kitsune's answer.
RandyMorris
2010-05-03 21:03:55