How to safely delete file content? I mean the data should be unrecoverably wiped, so that even if someone (an intruder) undeleted the deleted file, they would find just garbage instead of the real data.
Question:
Answer 1:
In practical terms, you really can't because you have no idea what kind of medium is being used for storage and whether its blocks can be reliably overwritten. This is especially true on mobile devices containing flash, which has wear-leveling to prolong its life and isn't guaranteed to overwrite the same block internally when you overwrite a block on the filesystem. That would make it possible for a determined adversary who gains physical control over the medium to recover previously-written blocks.
You would be better off assuming your data will be intercepted and encrypting it for storage.
This vulnerability has nothing to do with the OS and everything to do with the medium. Shred et al. depend on the assumption that overwriting a block in a file happens in place. On any medium with limited write cycles (e.g., flash), this is an unsafe assumption because the on-board controller reassigns logical block addresses to new blocks of physical memory on writes as a way to delay reaching the write cycle limit on any physical block. This process is completely transparent to the host. Hard disk drives do something similar as a way of staving off failures resulting from bad blocks.
An adversary who has your device in hand can transplant its flash ICs onto a new carrier and read the entire contents, including blocks that were discarded by the controller as part of the wear-leveling process. I haven't checked, but I wouldn't be surprised if the controllers in flash devices can be put into a mode that allows direct access to the memory, eliminating the need to physically tamper with it at all.
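The remapping described in the answer above can be seen in a small model. This is an added example, not part of the original answer: `ToyFlash`, `shred` and `demo` are hypothetical names, the controller is a constructed simplification (no garbage collection, round-robin allocation), and the secret is made-up sample data.

```python
import os


class ToyFlash:
    """Constructed model of a wear-leveling controller, not a real FTL."""

    def __init__(self, pages=16, page_size=32):
        self.page_size = page_size
        self.phys = [bytes(page_size)] * pages   # raw physical pages
        self.l2p = {}                            # logical block -> physical page
        self.next_free = 0                       # simple round-robin allocator

    def write(self, lba, data):
        """Host write: program a fresh page and remap, never update in place."""
        if self.next_free >= len(self.phys):
            raise RuntimeError("no free pages (garbage collection not modelled)")
        self.phys[self.next_free] = data.ljust(self.page_size, b"\0")[:self.page_size]
        self.l2p[lba] = self.next_free           # old page becomes stale, not erased
        self.next_free += 1

    def read(self, lba):
        """Host read: only the currently mapped page is visible."""
        return self.phys[self.l2p[lba]]

    def raw_dump(self):
        """What reading the flash chips directly yields: every page."""
        return b"".join(self.phys)


def shred(dev, lba, passes=3):
    """Overwrite a logical block with random data, as shred-style tools do."""
    for _ in range(passes):
        dev.write(lba, os.urandom(dev.page_size))


def demo():
    secret = b"constructed secret: PIN 4921"     # sample data made up for this example
    dev = ToyFlash()
    dev.write(7, secret)
    shred(dev, 7)
    host_sees_secret = secret in dev.read(7)     # what the filesystem reports
    raw_has_secret = secret in dev.raw_dump()    # what a chip-level read reports
    stale_pages = dev.next_free - len(dev.l2p)   # programmed but no longer mapped
    return host_sees_secret, raw_has_secret, stale_pages


if __name__ == "__main__":
    print(demo())
```

From the host's side the block now holds random bytes, while the stale page with the original content is still present in the raw dump; had only ciphertext been written, that stale page would hold ciphertext.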