What I want to code already exists but I'm wondering how should I access the FAT to permanently delete a file ( or just How to access it I'll find the remaining after ) using a so called " wiping " technique.

According to the US department of defense ( article DoD 5220.22-M ) if I'm ok, you should

1- write 1's to the surface
2-write 0's to the surface
3- Repeat step 1&2 three times
4-Finally, write a random value and verify it


If you know any stuff about FAT/FAT32 , tell me, i'll be very please of any comments.

Jp
Posted on 2001-08-01 11:11:42 by Unregistered
This post was from Jp? ... the board had problem and it didn't reload the cookies when I submitted my thread.

Jp
Posted on 2001-08-01 11:12:57 by JP?
You have to search in Operative Systems pages.

Here you will find fat relative info:

http://www.nondot.org/sabre/os/articles/FileSystems/

e.g.:
http://www.nondot.org/sabre/os/files/FileSystems/FatFormat.pdf
Posted on 2001-08-01 11:48:22 by n u M I T_o r
Writing a file shredder?

i heard somewhere that you can write 7 layers of junk data over the file, but the FBI can still read the old data with an electron microscope or something
Posted on 2001-08-01 15:08:05 by SubHuman
Yeah subHuman " we don't know waht THEY can do " but according to US Department of Defense it " seems " secure.

I have found more info on what I've said before.
Each byte is first overwriten with 01010101.
The second overwriting pass uses 10101010.
This cycle is repeated three times.

The final overwriting pass is performed with random bytes generated with an ANSI X9.17c keystream generator.

Disk caches are flushed after each overwrite, and the final overwrite is read-back verified.

This method meets or seems to exceed the Purging requirements of NAVSO P5239-26, AFSSI-5020 and AR380-19 etc etc....

It is approved in DOD 5220.22-M for any reclassifying of Classified hard drives in secure Automated Information Systems, even those certified and accredited for Special Access Programs.

LOOK TO WHAT IS COMING !!!!

[[]]]], it is not approved for Purging disks at any level above Secret. Due to the residual magnetization necessarily left to hold the disk tracking servo data, the only way to truly destroy disk data is through degaussing and destruction of the disk. However, the residual magnetization recovery techniques used by intelligence services require expensive laboratory equipment and are only practical for very small amounts of targeted data, as opposed to scanning entire hard drives for possibly interesting files.
-------------------------------------

Your Paranoia is real, so there's no truly good solution for securly deleting files ;) except burning the drive ;(


Have Fun, even though I'll try to doo an app according to DoD 5220.22-M
Posted on 2001-08-01 18:21:07 by JP?
:stupid:

I don't know exactly what do you want to do with your program, but anyway, why do you want to permanently delete files?
It's really bad, and i don't care about what kind of information you want to destroy, but is it really necesary?
Please, simply delete the files.
If you want to do something destructive, first you have to know how to remake what you have destroyed. This means that you really have the power of knowledge!
On the other hand, if you're trying to make a virus or something like that because you want to show to the world your knowledge and because you're 17 years old and you're hungry with your father, first you should know that i'm with you!
It is better to burn it!
Posted on 2001-08-01 19:10:23 by MasmUser
MasmUser, that was possibly the most surreal post i have ever read...

Anyway, there are certain applications for file shredding, eg.

If you kept credit card or financial data on your HD, you assume that by deleting the file, no one will be able to find your data. However, if you sold your computer to someone, they could use a hex editor to look at the HD and read deleted files.

Also if you do not want the CIA finding your back issues of 29A (for example), then a file shredder is necessary.

SubHuman
Posted on 2001-08-01 20:54:14 by SubHuman
Hey MasmUser, I think you're jumping to conclusion a little bit fast...

Like SubHuman said , file shredding is really essential to keep your privacy ( if you have some :)

By the way I don't want to destroy or reformat sector zero ... etc etc ...

MasmUser, you remember some old things to me .... 1st you live in Buenos Aires and you're talking about virus... I think I'll email you.

Jp
Posted on 2001-08-01 21:47:32 by JP?
Guys,

If you want to wipe a disk, there is no substitute for overwriting it many times, you could save the communist manifesto on it in stages inbetween but if you overwrite it often enough, it will become more and more difficult to trace.

Patterns in binary of 10101010 then 01010101 followed by 00000000 then 11111111 will eventually remove any traces of what you are trying to wipe.

You could perhaps confuse them some by writing the names Idi Amin, Saddam Hussein, Richard Nixon, Leonard Breznev, Margaret Thatcher, Abe Lincoln so that you either offend everybody or make everybody laugh, depends where you are. :)

My own preference for security of this type is to write the code so obscure that a cryptologist could not read it and I am sure most assembler language programmers already know how to do this.

Regards,

hutch@pbq.com.au

PS : Lets not hear any more about viruses here, its an absolute no no in this forum and it will lead to "fearless leader" nuking the posts. :tongue:
Posted on 2001-08-02 01:13:22 by hutch--
Unregistered,
Your birthday doesn't happen to be Jan 1, 1986?

If not you should read to replies to JakeB, he was inquiring about similar info.
Posted on 2001-08-02 01:50:31 by eet_1024
Hi guys, i'm sorry. I didn't want to make a history about viruses, i don't care about them and just wanted to meet you and learn about file shredding.
So, 1st, i don't buy anything with my card in the net. 2nd, in my country there is not any law about software, and third, the cia doesn't persecute me.
There is a fourth, do you really think that i'm from Bs. As.? Certanly yes, but the point is that i'm pleased to contact you, because i think that this web is a very very good place to start learning and to meet people that has a lot of knowledge. Thank you for saying that it was the most suerreal post you have ever read...
By the way, if you reformat sector 0, the data on the disk can be restored by calculating cyl, heads, etc. you know the mbr. This is true, for me, if the disk had only one partition.
And, please, tell me if it is necessary to know about the file system or you are writting raw sectors.
Thank you and good bye!
Posted on 2001-08-02 18:01:54 by MasmUser
If you want to shred files, and not just do stupid disk destroying then,
yes, file system information is necessary.

(Already mentioned), flushing the disk cache after each write is pretty
damn important :). And you can't just open the file normally, you have
to follow the FAT chain and do sector writes, otherwise you can't
be sure you're overwriting the data (pretty good chance, but you
can't be certain).

As for removing the filenames, this is a bit bitchy under fat32, because
of the totally bong-brained and forked-up way long filenames were implemented.

Hutch, great idea to write a lot of bullcrap in the sectors :). But be
sure to combine that with "special patterns" -- I guess that will make
magnetic tracing (or whatever wacky techniques the "big guys" use)
a lot harder.
Posted on 2001-08-02 19:05:04 by f0dder
Jp, i have the source code in C to a file shredder if you would like to see it, it is in a ~500kb zip file, so if you want i can e-mail it to you.
Posted on 2001-08-02 19:50:46 by SubHuman