Safely wipe file content


Problem description

How to safely delete file content? I mean the data should be unrecoverably wiped, so that even if someone (an intruder) undeleted the deleted file, they would find just garbage instead of the real data.

Recommended answer

In practical terms, you really can't because you have no idea what kind of medium is being used for storage and whether its blocks can be reliably overwritten. This is especially true on mobile devices containing flash, which has wear-leveling to prolong its life and isn't guaranteed to overwrite the same block internally when you overwrite a block on the filesystem. That would make it possible for a determined adversary who gains physical control over the medium to recover previously-written blocks.

You would be better off assuming your data will be intercepted and encrypting it for storage.

This vulnerability has nothing to do with the OS and everything to do with the medium. Shred et al. depend on the assumption that overwriting a block in a file happens in place. On any medium with limited write cycles (e.g., flash), this is an unsafe assumption because the on-board controller reassigns logical block addresses to new blocks of physical memory on writes as a way to delay reaching the write cycle limit on any physical block. This process is completely transparent to the host. Hard disk drives do something similar as a way of staving off failures resulting from bad blocks.

An adversary who has your device in hand can transplant its flash ICs onto a new carrier and read the entire contents, including blocks that were discarded by the controller as part of the wear-leveling process. I haven't checked, but I wouldn't be surprised if the controllers in flash devices can be put into a mode that allows direct access to the memory, eliminating the need to physically tamper with it at all.
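
The advice above to encrypt for storage, as an added example that is not part of the original answer: the data is sealed with AES-256-GCM before the write, so any stale block the controller leaves behind after wear-leveling holds only ciphertext. The function names, file path and demo key are assumptions of this example, and the key is assumed to be kept somewhere other than the same storage medium.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
	"os"
)

func NewAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // 32-byte key selects AES-256; keep it off the storage medium
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// StoreSealed writes nonce || ciphertext+tag; plaintext never reaches the medium.
func StoreSealed(path string, aead cipher.AEAD, plaintext []byte) error {
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return err
	}
	return os.WriteFile(path, aead.Seal(nonce, nonce, plaintext, nil), 0o600)
}

// LoadSealed authenticates and decrypts; a wrong key or altered file is an error.
func LoadSealed(path string, aead cipher.AEAD) ([]byte, error) {
	blob, err := os.ReadFile(path)
	if err != nil {
		return nil, err
	}
	if len(blob) < aead.NonceSize() {
		return nil, fmt.Errorf("%s: shorter than the nonce", path)
	}
	return aead.Open(nil, blob[:aead.NonceSize()], blob[aead.NonceSize():], nil)
}

func main() {
	key := make([]byte, 32) // constructed demo key, fresh each run
	rand.Read(key)          // error ignored for brevity in this demo
	aead, _ := NewAEAD(key) // cannot fail for a 32-byte key
	path := os.TempDir() + "/sealed-demo.bin" // constructed path
	defer os.Remove(path)
	fmt.Println(StoreSealed(path, aead, []byte("constructed secret")))
	pt, err := LoadSealed(path, aead)
	fmt.Printf("%q %v\n", pt, err)
}
```

Without the key, blocks recovered from the medium cannot be decrypted, which is why the key must never be written in the clear to the same device.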
