Re: PATCH - ext2fs privacy (i.e. secure deletion) patch

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

From: Jamie Lokier <jamie@shareable.org>
To: Hans Reiser <reiser@namesys.com>
Cc: Valdis.Kletnieks@vt.edu, the grugq <grugq@hcunix.net>,
	Pavel Machek <pavel@ucw.cz>,
	linux-kernel@vger.kernel.org
Subject: Re: PATCH - ext2fs privacy (i.e. secure deletion) patch
Date: Sat, 7 Feb 2004 02:17:51 +0000	[thread overview]
Message-ID: <20040207021751.GH12503@mail.shareable.org> (raw)
In-Reply-To: <40243C24.8080309@namesys.com>

Hans Reiser wrote:
> reiser4 probably does not need secure deletion as much as others, 
> because once the encryption plugins are debugged we will most likely 
> encourage users to use encryption by default.  Perhaps someone will show 
> the error in my thinking though, I am not trying to be rigid here....

With encrypted block devices, there is the possibility that someone
may discover your key, or gain access to your computer (e.g. steal
your laptop while it's switched on, or someone puts a gun to your head
and makes you enter the key).

If someone gets access you might be glad you securely deleted some
files by overwriting the blocks.

When encryption is implemented in the filesystem itself, this is
preventable.

There is a cryptographic way to ensure deleted files cannot be
recovered even when someone knows the filesystem key, without needing
to overwrite the files.  This is even better than overwriting, because
it resists signal processing methods on the hard disk platter, and is
effective with virtual devices where overwriting does not actually
erase the original data (e.g. VMware or Bochs copy-on-write disk
image; LVM snapshots; some SAN devices).

Thanks in advance for the implementation :)

-- Jamie

next prev parent reply	other threads:[~2004-02-07  2:17 UTC|newest]

Thread overview: 45+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2004-01-28 16:30 PATCH - ext2fs privacy (i.e. secure deletion) patch the grugq
2004-02-03 22:20 ` Pavel Machek
2004-02-04  0:33   ` the grugq
2004-02-04  0:43     ` Pavel Machek
2004-02-04  0:48       ` the grugq
2004-02-04  0:55         ` Pavel Machek
2004-02-04  0:58           ` the grugq
2004-02-04  1:10             ` Mike Fedyk
2004-02-04  6:29       ` Theodore Ts'o
2004-02-04 13:08         ` the grugq
2004-02-04 17:05           ` Bill Davidsen
2004-02-04 17:14             ` Valdis.Kletnieks
2004-02-04 23:47               ` Bill Davidsen
2004-02-04 23:51                 ` the grugq
2004-02-05  1:48                 ` the grugq
2004-02-05  4:38                 ` Valdis.Kletnieks
2004-02-07  3:30                   ` Bill Davidsen
2004-02-05  3:35               ` Theodore Ts'o
2004-02-06  0:00                 ` the grugq
2004-02-12 22:59         ` Robert White
2004-02-13  3:41           ` Jamie Lokier
2004-02-13 21:30             ` Robert White
2004-02-18  3:48             ` Bill Davidsen
2004-02-18  9:48               ` Jamie Lokier
2004-02-17 12:00           ` Pavel Machek
2004-02-04  3:20     ` Valdis.Kletnieks
2004-02-07  0:20       ` Jamie Lokier
2004-02-07  1:15         ` Hans Reiser
2004-02-07  1:29           ` the grugq
2004-02-07  5:40             ` Hans Reiser
2004-02-07  9:55               ` the grugq
2004-02-07 10:47                 ` Jamie Lokier
2004-02-07 11:02                   ` the grugq
2004-02-07 11:09                     ` Jamie Lokier
2004-02-07 11:46                       ` the grugq
2004-02-07 12:01                         ` Jamie Lokier
2004-02-07 16:52                           ` Hans Reiser
2004-02-07 17:22                           ` Pavel Machek
2004-02-08  0:04                             ` Jamie Lokier
2004-02-07 16:50                         ` Hans Reiser
2004-02-07 16:44                   ` Hans Reiser
2004-02-09 12:07                     ` Edward Shishkin
2004-02-10  7:18                       ` Hans Reiser
2004-02-07  2:17           ` Jamie Lokier [this message]
  -- strict thread matches above, loose matches on Subject: below --
2004-02-07  9:55 Albert Cahalan

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20040207021751.GH12503@mail.shareable.org \
    --to=jamie@shareable.org \
    --cc=Valdis.Kletnieks@vt.edu \
    --cc=grugq@hcunix.net \
    --cc=linux-kernel@vger.kernel.org \
    --cc=pavel@ucw.cz \
    --cc=reiser@namesys.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox