Protect Your Data from Glowfriends! (Recovering & Deleting Data)

You should know that when you "delete" a file on your computer in your operating system, whether Linux, Windows or Mac, the file is not *really* deleted or overwritten until the space is needed for new data. This is beneficial when you accidentally delete a file, but is dangerous when you "delete" a sensitive file and falsely feel like you're safe.

Linux has the `shred` command, which overwrites files with random data and so solves this issue. You can also output /dev/urandom or /dev/zero to blank or distort empty space on a drive.

Even in the case of encrypted drives, it's a good idea to use /dev/urandom to obscure unused or previously used space. This prevents metadata leakage about how much you've stored on the drive or what used to be on it, in a way that could tie you to an important USB drive or computer.
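The two techniques described above, as an added shell example that is not taken from the video: `wipe_file` overwrites one file with `shred` before unlinking it, and `fill_free_space` writes /dev/urandom into a temporary filler file so that blocks left behind by earlier deletions get overwritten. The function names, the filler file name and the optional size cap are hypothetical; the example assumes GNU coreutils and a filesystem that overwrites data in place.

```shell
#!/bin/sh
# Added example. wipe_file and fill_free_space are hypothetical names.

# Overwrite a regular file in place, then remove it.
wipe_file() {
    f=$1
    if [ ! -f "$f" ]; then
        echo "wipe_file: not a regular file: $f" >&2
        return 1
    fi
    # -n 1: one pass of random data
    # -z  : final pass of zeros, so the overwrite itself is less conspicuous
    # -u  : truncate and unlink the file after overwriting
    shred -n 1 -z -u -- "$f"
}

# Fill the free space of the filesystem that holds DIR with random data,
# then delete the filler. Prints the number of bytes written.
# LIMIT_MB is optional (an assumption of this example): it caps the fill so
# the function can be tried without exhausting the disk. Without it, dd runs
# until the filesystem is full.
fill_free_space() {
    dir=$1
    limit_mb=${2:-}
    if [ ! -d "$dir" ]; then
        echo "fill_free_space: not a directory: $dir" >&2
        return 1
    fi
    filler="$dir/.fill.$$"
    if [ -n "$limit_mb" ]; then
        dd if=/dev/urandom of="$filler" bs=1048576 count="$limit_mb" 2>/dev/null
    else
        # dd ends with "No space left on device" here; that is the goal.
        dd if=/dev/urandom of="$filler" bs=1048576 2>/dev/null || true
    fi
    sync                          # push the random data out of the page cache
    written=$(wc -c < "$filler")
    rm -f -- "$filler"
    echo "$written"
}
```

Typical use is `wipe_file secrets.txt` for a single file and `fill_free_space /mnt/usb` for a mounted drive; the uncapped fill briefly leaves the filesystem with no free space.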

00:00 No data's ever *really* gone!
01:49 Gist
03:37 Dangers of File Recovery
04:50 Good Op-sec
05:56 `shred` to overwrite and delete files
08:09 /dev/urandom and /dev/random
09:44 Blanking or shuffling drives with randomness
11:11 /dev/zero
12:22 Encrypted drives can still leak metadata!
15:01 Retroactively wiping empty space on an encrypted drive
16:12 Benefits and Dangers

Comments

In TempleOS, when you delete data it gets recalled back to God's Kingdom. Safe from all the glowies who are reddit-tier atheists.

spaceghost

A note about hard disk drives. It's possible that if you overwrite with 0, some of the original data can be recovered from the edges of the original track. Programs exist that tell the HDD to overscan the magnetic area to try to recover the old data and Feds 100% use this. That's why the industry standard is to wipe with 0, then fill with random data, then wipe to 0 again.

Hobojoe

One note for SSDs, most have a firmware-level block selector to increase the lifespan of the drive, which means if you "overwrite" a file, you may not actually change the exact same bits the original file occupied. This also applies to certain types of filesystems, read shred's man page. That said, going nuclear by filling the entire drive (maybe even 8 times) should cover all contingencies.

When your terminal gets messed up by binary files, type "reset" and press enter (even if you can't see the letters you type)

TroyFletcherKeyboards

default runescape character explains how to evade law enforcement

NoahBertilson

As much as I enjoy hearing your insights into life and society regardless of my agreement or otherwise with your outlooks, these practical videos of yours are my favorite.

TrappedInFloor

Another reinforcement of the adage "physical access is total access"

ianhoolihan

Even using shred or overwriting the specific file is not a guaranteed way to really overwrite those bits on the drive nowadays.

Trap #1: SSDs and maybe even some flash drives even out the wear by writing to a different physical location every time. If the drive was unencrypted (or the attacker has the key), the data may still be recoverable directly from NAND even after overwriting.

Trap #2: Modern filesystems do not guarantee the overwrite will work. Especially copy-on-write filesystems (for example, Fedora uses btrfs by default). Those filesystems do a similar thing as SSDs.

Mitigations: Always encrypt your drive. Use encrypted vaults for especially sensitive files you may want to delete later. This way after you delete your vault, attacker cannot recover the files if he doesn't have the key.

pasikavecpruhovany

I love this series Luke! Please keep going!

ricardorien

Where I'm from we don't call them friends we call them something else.

travv

HDDs store data by electromagnetizing individual magnetic domains (also referred to as sectors)
with either a north or a south magnetic polarity to represent either a binary of 0 or 1.
To read it back, the head detects the magnetic polarities of the magnetic domains (sectors)
which are physical (few nanometers) structures that are already present on the disk.
The binary data is then sent to the CPU where it is translated into ASCII code using
predefined algorithms and protocol.

The best way to destroy data would be:
Degaussing:
Exposing the disk to a strong magnetic field, which will erase the magnetic polarities and destroy the data stored on the disk.

You're welcome

fliporflop

luke smith posting actual tech videos? impossible

not_herobrine

If someone wants an analogy to help them understand this, imagine the data is a weight attached to a fishing line floating in a pool. When you delete the file you don't pull the weight out and destroy it. You just cut the line. Someone dedicated enough to recovering the data can go into the pool and pull out the weight if they go through every rock in the pool individually and examine it.

milesrout

urandom takes into consideration the system entropy, it is a cryptographically secure random number generator, preferred to use compared to random, which takes a starting seed.

Mantuitorull

Haha thought this was a Mental Outlaw vid from the thumbnail XD

isbestlizard

I sold a hard drive to a friend (spinning rust) and did a 35 pass alternating 0's and 1's followed by every 3rd pass being pseudo random data. I then stuck it in a high magnetic field for a few hours, followed by a complete low format. Old drives that work I do this before even storing them, and if I have to trash them I put them to a butane torch. Probably paranoia but as they say just because you are paranoid doesn't mean they are not out to get you. :)

damaliamarsi

Shred is great. At my last job we were charged with securely disposing of some old hard drives with a bunch of financial data on them. Ran a 4 pass shred zeroing the bits at the end and it worked like a dream. 1 TB drive took about 7 hours or so to finish.

theretromillennial

14:20 Luke channels Charles Manson's spirit

deldrinov

/dev/random and urandom were different but they are now pm the same thing and we only have two for backward compatibility.

alkeryn

Oh my god I didn't know dd took status=progress as an argument... I've been finding its pid and sending a USR1 signal using kill all these years like a chump :O

isbestlizard

Now I'll make sure to fill up the drive after deleting the homework folder.

Krazy