views:

108

answers:

2

Hello,

I have been reviewing a number of applications for securing deleting files. I understand the concepts of overwriting the file several times with zeros and random characters; however, I don't understand the concept of renaming the file up to thirty times before actually deleting the file. Any feedback would greatly be appreciated.

I am currently working on a PCI DSS project.

URL - SDELETE by Sysinternals http://technet.microsoft.com/en-us/sysinternals/bb897443.aspx

Thanks, Brennan

+1  A: 

Despite the data having being obscured by having been overwritten, simple removal of a file does not obliterate the directory entry associated with the file in the filesystem (e.g. NTFS). As evidenced in the link you posted, sometimes the directory entries for deleted files can still be hanging around in free space on NTFS.

So, because the file name itself may contain sensitive information, renaming the file multiple times helps obscure what the original name was. Though it is of course dependant on the implementation of the underlying filesystem.

Leon Breedt
+1  A: 

Actually I do not have a direct answer to your question but you do not have to overwrite the data nor the FS-entry 30 times.

The german magazine for computer technics (c't) has published an article about a paper which handles this topic. The quintessence of the article is that overwriting the data once is enough.

The c't article (german): http://www.heise.de/newsticker/meldung/Sicheres-Loeschen-Einmal-ueberschreiben-genuegt-198816.html

Information about the paper (english): http://www.springerlink.com/content/408263ql11460147/

After all it should suffice to rename the file to /tmp/tmp_file (or so) and overwrite it with random data or zeros before deleting it.

Tilo Prütz
While it may be enough to overwrite it once for the magazine authors, it's not enough for most PCI QSA (auditors). If you can point to a government based organisation publishing such data then you may have a case.
Mike
You mean the auditors have expectations based on myths?I mean: they have no evidence that overwrite once is not enough, haven't they?I think they say "overwrite it 30 times because one time _may_ not be enough" but as they have no evidence that once is _not_ enough they also have no evidence that 30 times _is_ enough.That's crazy.I'm only guessing, proof me if I'm wrong.
Tilo Prütz