bug-coreutils

bug#27420: Self Destruct - Self Erase of All Data On SD Card Using Shred


From: Ruediger Meier
Subject: bug#27420: Self Destruct - Self Erase of All Data On SD Card Using Shred
Date: Thu, 22 Jun 2017 10:02:16 +0200
User-agent: KMail/1.9.10

On Sunday 18 June 2017, Pádraig Brady wrote:
> tag 27420 notabug
> close 27420
> stop
>
> On 18/06/17 00:22, John Shearing wrote:
> > <https://raspberrypi.stackexchange.com/questions/68635/self-destruct-self-erase-of-all-data-on-sd-card-using-shred-dd-or-some-other#>
> >
> > I will be using a raspberry pi as an air-gapped computer to make
> > secure encrypted transactions on the Ethereum BlockChain. Once in
> > awhile I will want to update the software I am using which will
> > mean taking the SD card out of the pi and inserting it into a
> > laptop computer which is connected to the Internet. I would like to
> > use some program or command line utility on the raspberry pi to
> > securely erase everything on the SD card before removing it as this
> > will eliminate all possibility of sensitive information being read
> > off the SD card by bad actors which may have compromised my laptop.
> >
> > The following command typed in at the pi terminal conveys the idea
> > of what I hope to accomplish:
> > shred --verbose *.*
> >
> > Is this possible using shred?
>
> shred already supports passing multiple files, however
> you would be much safer shredding at the device level,
> since there are all sorts of reallocation etc. happening within
> filesystems. I.e. something along the lines of:
>
>   SDCARD=/dev/sdb1
>   umount $SDCARD
>   shred --verbose $SDCARD
>   mkfs.ext4 $SDCARD
>
> Note you can partition the SDCARD if there is only a portion that
> you want to destructively recreate like this.

Does shred support SSD on the low level? I don't think you can truly
wipe an SSD by overwriting it, especially if you would overwrite only a
file or partition.

If the drive supports "ATA Secure Erase commands" you should 
use "hdparm" like this:
https://www.thomas-krenn.com/en/wiki/SSD_Secure_Erase#Step_3:_Secure_Erase

Otherwise, and if you are not paranoid, you could also use "blkdiscard" 
(ATA TRIM).

FYI, here somebody explains the issues with erasing SSDs very well:
https://superuser.com/a/856491/229214

Regarding shred, maybe it's worth adding something about SSDs in the
CAUTION section of the man page.

cu,
Rudi
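
The choice between shred and blkdiscard raised in this message depends on what kind of device sits behind the node. The following is an added example, not part of the original thread or of coreutils: it reads the kernel's sysfs queue attributes for a whole-disk name (for example sdb, not sdb1) and reports which approach applies. The function names and the three result labels are assumptions of this example, and the sample device tree is constructed.

```shell
#!/bin/sh
# Added example: choose a sanitisation approach from what the kernel
# reports in sysfs. Read-only; nothing here writes to a block device.

# pick_wipe_method SYSFS_ROOT DEV   (hypothetical helper)
#   prints "shred"            rotational disk: device-level overwrite,
#                             as in the quoted reply
#          "blkdiscard"       flash-type device that accepts discard (TRIM)
#          "flash-no-discard" flash-type device without discard support;
#                             overwriting may miss remapped blocks
#   returns 1 if DEV has no queue directory under SYSFS_ROOT
pick_wipe_method() {
    q="$1/block/$2/queue"
    [ -r "$q/rotational" ] || return 1
    rot=$(cat "$q/rotational")
    # discard_max_bytes is 0 when the device does not accept discards
    max=$(cat "$q/discard_max_bytes" 2>/dev/null || echo 0)
    if [ "$rot" = "1" ]; then
        echo shred
    elif [ "${max:-0}" -gt 0 ]; then
        echo blkdiscard
    else
        echo flash-no-discard
    fi
}

# make_fake_dev ROOT DEV ROTATIONAL DISCARD_MAX: builds constructed sample data
make_fake_dev() {
    mkdir -p "$1/block/$2/queue"
    echo "$3" > "$1/block/$2/queue/rotational"
    echo "$4" > "$1/block/$2/queue/discard_max_bytes"
}

demo() {
    root=$(mktemp -d)
    make_fake_dev "$root" sda 1 0              # constructed: spinning disk
    make_fake_dev "$root" sdb 0 2147450880     # constructed: SSD with TRIM
    make_fake_dev "$root" mmcblk0 0 0          # constructed: card without discard
    for d in sda sdb mmcblk0; do
        printf '%s: %s\n' "$d" "$(pick_wipe_method "$root" "$d")"
    done
    rm -rf "$root"
}

demo
```

On a real system the call would be `pick_wipe_method /sys sdb`.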




