Full Disclosure mailing list archives
Re: Secure Delete for Windows
From: bkfsec <bkfsec () sdf lonestar org>
Date: Wed, 18 Jan 2006 15:09:28 -0500
J.A. Terranson wrote:
(1) I do have something "useful to say". The exact same thing every other security conscious person is saying: No source? An exe? Baaaaaddddd newwwwwssssss.... Publicly released "tools" are only safely released through open source (or, "full disclosure" if you prefer). Without source, it's you who should be taking a turn at stfu.
I'm going to back up the general point of J.A.'s statement.People who don't care about security and could care less about transparency don't, by and large, use "file shredders". A handful of paranoid users might, but I think that these people are few and far between. Ensuring that files are deleted represents a willfulness amongst the user to be detailed (or paranoid, perhaps, depending on their motives and intentions). As such, I think that the same kinds of people who might be interested in a tool like this would be interested in reviewing the source code, for two reasons:
- Verification that the code is not a trojan.- Ensuring that the methods used in the secure deletion utility are sound. (Which is perhaps more important for the detail-oriented.)
In the end, it's easy to see the value of transparency, particularly in a product like this. There really is no sound argument for proprietization anymore. Code is so heavily commoditized that most programs are reinventions of older concepts. That isn't to say that there isn't some innovation going on, but the reality is that the only argument that can be used for proprietization is profit, and that's an argument that has been getting progressively less enticing as more commoditization occurs and as more code projects are shipped off to offshore workshops, the draw of proprietization is decreased - I would even say antiquated. Interestingly, people continue to proprietize code even in the face of that. I guess that that green aura is somewhat blinding. :)
(Not flaming anyone, just making some observations.) -bkfsec _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Secure Delete for Windows, (continued)
- Re: Secure Delete for Windows J.A. Terranson (Jan 16)
- Re: Secure Delete for Windows Valdis . Kletnieks (Jan 16)
- Re: Secure Delete for Windows Jason Coombs (Jan 17)
- Re: Secure Delete for Windows J.A. Terranson (Jan 17)
- Re: Secure Delete for Windows GroundZero Security (Jan 17)
- Re: Secure Delete for Windows Michael Holstein (Jan 17)
- Re: Secure Delete for Windows GroundZero Security (Jan 17)
- Re: Secure Delete for Windows Valdis . Kletnieks (Jan 17)
- Re: Secure Delete for Windows greybrimstone (Jan 17)
- Message not available
- Re: Secure Delete for Windows J.A. Terranson (Jan 17)
- Re: Secure Delete for Windows bkfsec (Jan 18)
- Re: Secure Delete for Windows J.A. Terranson (Jan 16)
- Re: Secure Delete for Windows GroundZero Security (Jan 17)
- Re: Secure Delete for Windows Yvan Boily (Jan 17)
- PC Firewall Choices Steven (Jan 17)
- Re: PC Firewall Choices Morning Wood (Jan 17)
- Re: PC Firewall Choices Nic Werner (Jan 17)
- RE: PC Firewall Choices Greg (Jan 17)
- Re: PC Firewall Choices Nic Werner (Jan 17)
- RE: PC Firewall Choices Greg (Jan 17)
- Re: PC Firewall Choices Dave Korn (Jan 19)