[dm-crypt] Does safe remove has a point on an encrypted drive?
arno at wagner.name
Sat Sep 22 21:55:44 CEST 2012
On Sat, Sep 22, 2012 at 09:05:27PM +0200, Claudio Moretti wrote:
> > I meant if I am on full disk encryption if it's worth the extra CPU
> > clocks to do a safe erase of certain files, given the data is already
> > random looking from the outside. It wasn't about the whole drive.
> The point is exactly that: your data looks random from the outside, but not
> from the inside. If an attacker gets access to your running computer or
> discovers your password, dm-crypt cannot protect you, because the attacker
> has access to your unencrypted hard drive.
Exactly. So if you erase a full disk/partition, my earlier
comment applies. For erasing a single file securely inside a LUKS
or dm-crypt container, do overwrites. There is evidence
that a single overwrite is enough for magnetic disks.
For journalling filesystems (ext3/4, e.g.), it may be necessary
to still wipe the whole partition for HDDs and for SSDs, a full
secure erase including physical destruction afterwards may be the
My recommendation would be to do ext2 and use wipe with 4
random overwrites for HDDs and to not put anything secret on
If you are comfortable with ordinary, not secure, erase,
just use that, but take into account that once your key is
compromised, your erased data may be compromised.
Incidentally, I believe all this can be found in the FAQ.
Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno at wagner.name
GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F
One of the painful things about our time is that those who feel certainty
are stupid, and those with any imagination and understanding are filled
with doubt and indecision. -- Bertrand Russell
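The "do overwrites" step for a single file, as an added example that is not code from this thread or from Arno: a POSIX sh pair of functions that rewrites a file's bytes in place a fixed number of times (4 by default, matching the "wipe with 4 random overwrites" suggestion) before unlinking it. It assumes what the thread assumes, a filesystem that rewrites blocks in place such as ext2 inside a LUKS container; on ext3/4 or a copy-on-write filesystem old copies of the blocks can survive, which is exactly why the message suggests wiping the whole partition there. The function names, the refusal of symlinks and the constructed sample file are the example's own.

```sh
#!/bin/sh
# Added example, not from the dm-crypt thread. Assumes an in-place-rewriting
# filesystem (e.g. ext2 in a dm-crypt/LUKS container); it makes no attempt to
# detect a journal or CoW filesystem, where the old blocks may persist.

# overwrite_file FILE [PASSES]: rewrite FILE's bytes PASSES times (default 4)
# with data from /dev/urandom. Refuses symlinks and non-regular files so a
# link is never followed to its target. Returns non-zero on refusal or on a
# failed write.
overwrite_file() {
    f=$1
    passes=${2:-4}
    if [ -L "$f" ] || [ ! -f "$f" ]; then
        printf 'overwrite_file: %s is not a regular file\n' "$f" >&2
        return 1
    fi
    size=$(wc -c < "$f" | tr -d ' ')
    i=0
    while [ "$i" -lt "$passes" ]; do
        if [ "$size" -gt 0 ]; then
            # conv=notrunc keeps the existing allocation, so the same on-disk
            # blocks are rewritten instead of new ones being allocated after
            # a truncate (which would leave the old blocks untouched).
            head -c "$size" /dev/urandom | dd of="$f" conv=notrunc 2>/dev/null || return 1
        fi
        # Flush the pass out of the page cache before the next one; otherwise
        # several passes can collapse into one physical write.
        sync
        i=$((i + 1))
    done
    return 0
}

# wipe_file FILE [PASSES]: overwrite_file followed by unlink.
wipe_file() {
    overwrite_file "$1" "${2:-4}" || return 1
    rm -f -- "$1"
}

# demo_wipe: constructed sample file (not real data). Returns 0 when the
# secret is unreadable after the overwrite and the file is gone after wipe.
demo_wipe() {
    t=$(mktemp) || return 1
    printf 'top secret: passphrase hunter2\n' > "$t"
    overwrite_file "$t" 2 || return 1
    if grep -q 'hunter2' "$t"; then
        rm -f -- "$t"
        return 1          # overwrite did not take
    fi
    wipe_file "$t" 1 || return 1
    [ ! -e "$t" ]
}
```

GNU `shred -n 4 -u FILE` does the same thing in one command; spelling it out shows the two details that matter, the `conv=notrunc` rewrite of the existing blocks and the refusal to follow a symlink to some other file. As the message says, none of this helps once the container key is compromised and the filesystem has kept a copy elsewhere.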