On Aug 20, 2008, at 4:08 AM, Werner Koch wrote:
> On Wed, 20 Aug 2008 02:32, [EMAIL PROTECTED] said:
>
>> However, as you are asking this question of the GnuPG list, I suspect
>> you mean to ask about GnuPG. GnuPG does not have a secure delete
>> feature.
>
> Let me add that one reason for not providing a secure deletion feature
> is that gpg is a Unix tool and as such it is usually operated in a
> pipeline and does not work directly with files.
>
> Most Unix systems these days have secure deletion tools like shred(1) or
> wipe(1). However, I doubt that they are at all effective when used with
> modern disks.
There is some debate on whether a well-funded adversary can recover a
useful amount of data (say enough to reconstruct a fragment of a file)
from a disk that has been overwritten multiple times. It's an
interesting debate, but for many situations the question is somewhat
moot. Hard drive prices are so low these days that if the drive
contains sensitive material that should not be exposed "no matter
what", just destroy the drive. If you're designing a system that
requires that level of security, then the price of a new hard drive
now and then is included.
For what it's worth, the US government recently changed their
regulations on what qualifies for "clearing" (basically removal that
can foil an undelete function or games with 'dd' and 'grep') and
"sanitizing" (removal that can foil a laboratory). The notable
difference is that in the new regulations, you cannot use any
overwrite method to sanitize a disk. The only way to sanitize is to
degauss the drive or physically destroy the thing.
David