Security Basics mailing list archives

RE: Hard drives v. CF/Smart media/etc.


From: Alexander Klimov <alserkli () inbox ru>
Date: Wed, 19 Oct 2005 23:06:04 +0200 (IST)

On Tue, 18 Oct 2005, Herman Frederick Ebeling, Jr. wrote:

: Yes since they are for the most part using FAT or FAT32 as the file
: system.  So deleting a file still only marks the space as overwritable
: not actually removing the data.

      What if someone is using the NTFS file system?  How many times
would one have to overwrite the data before it became unrecoverable?
Would say PGP's wipe function be more effective on flash media than
on an actual HD/floppy disk?

Since it is impossible to overwrite a single sector of flash without
erasing (and writing back) the whole erase unit, and also due to the
need of wear leveling, the FTL (Flash Translation Layer) is used in
most of the flash ``disks''.  That is, when you overwrite some sector
on your `block' device, what really happens is that the flash driver
allocates a new place for the new sector and leaves the previous
version unchanged.  So, wiping data by overwriting ``sectors'' which
belong to a file is mostly pointless (IIRC this is exactly what pgpwipe
does).  OTOH, if you fill the whole flash with random data, it is
likely that the driver will have to overwrite the old data as well
(note that to continue normal operation flash has to have some reserve
of free space even when it is full, so you can not be really sure that
the data you want to destroy is really gone).

So, either write random data until the flash is full several times,
or, better, never write unencrypted data.

-- 
Regards,
ASK
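
Added example, not part of the original post: a toy Python model of the FTL behaviour described in the message above, showing a sector-style overwrite followed by whole-device fills. The class `ToyFTL`, its block and page counts, the amount of spare space and the greedy garbage collector are assumptions made for illustration; real flash controllers differ.

```python
# Toy page-mapped FTL: a constructed model, not any real controller's firmware.
class ToyFTL:
    def __init__(self, blocks=5, pages_per_block=4, logical_pages=12):
        self.ppb, self.logical_pages = pages_per_block, logical_pages
        self.flash = [[None] * self.ppb for _ in range(blocks)]  # raw (lpn, data) cells
        self.map = {}                        # logical page number -> (block, page)
        self.active, self.next_page = 0, 0   # block and page being programmed next
        self.free_blocks = list(range(1, blocks))

    def _live(self, b):  # cells the map still points at; everything else is stale
        return [c for p, c in enumerate(self.flash[b]) if c and self.map[c[0]] == (b, p)]

    def _collect(self):  # greedy GC: erase the full block with the fewest live pages
        full = [b for b in range(len(self.flash))
                if b != self.active and b not in self.free_blocks]
        victim = min(full, key=lambda b: len(self._live(b)))
        live = self._live(victim)
        self.flash[victim] = [None] * self.ppb   # the only place old data is destroyed
        self.free_blocks.append(victim)
        for lpn, data in live:                   # relocate what was still in use
            self.write(lpn, data)

    def write(self, lpn, data):
        if self.next_page == self.ppb:           # active block full: open an erased one
            self.active, self.next_page = self.free_blocks.pop(0), 0
            if not self.free_blocks:             # last spare taken: reclaim space now
                self._collect()
        self.flash[self.active][self.next_page] = (lpn, data)  # old page left untouched
        self.map[lpn] = (self.active, self.next_page)
        self.next_page += 1

    def read(self, lpn):
        b, p = self.map[lpn]
        return self.flash[b][p][1]

    def raw_contains(self, data):                # what a chip-level dump would show
        return any(c and c[1] == data for blk in self.flash for c in blk)

def wipe_then_fill(secret="SECRET"):
    ftl = ToyFTL()
    ftl.write(5, secret)
    for _ in range(3):                           # sector-overwrite style "wipe"
        ftl.write(5, "0000")
    result = [ftl.read(5), ftl.raw_contains(secret), 0]
    while ftl.raw_contains(secret):              # fill every logical page, repeat
        for lpn in range(ftl.logical_pages):
            ftl.write(lpn, "fill")
        result[2] += 1
    return tuple(result)
```

`wipe_then_fill()` returns what the logical sector reads back after the overwrite, whether the secret is still present in the raw cells at that point, and how many complete fills this model needed before garbage collection erased the block holding it.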

