srm securely erasing a text file. |
SRM (or Secure Remove) is a secure file removal utility for Unix and Unix-like computer systems, such as Mac OS X or Linux respectively. It is a command line utility which (by default) exercises the Gutmann 35-pass algorithm for secure file deletion.
There are two small, but serious, differences between srm on Linux-based systems and on Mac OS X. Files stored on a partition using Apple Computer's HFS or HFS Plus filesystem formats may have a resource fork which must also be securely deleted; Apple has modified the standard srm
sourcecode to perform this function on its systems. Also, Apple interfaces to srm
, such as "Secure Empty Trash" in the Finder, use the DOD-recommended 7-pass algorithm, although srm
uses the 35-pass version by default.
For most purposes, srm
with a single erase pass on small, modern, high-density hard drives is probably "secure” in the intended sense of the word — files so obliterated from the disk surface are beyond the resources of private companies or individuals to recover.
However, data recovery techniques used by governments, such as intelligence agencies, remain a matter for deep speculation. It is probably best to remain agnostic on the issue of potential data recovery by deep pocket enterprises, especially since the well-studied Gutmann algorithm has not been modified for years. One school of thought maintains that the Gutmann algorithm has not been correctly implemented unless the order of the 35 overwrite pattern passes has been randomized.
It is the inability of the hard drive read/write mechanism to maintain exact registration over a physical bit of recorded data that allows both the possibility of data recovery, and Gutmann's ingenious reply to this weakness. The 35-pass algorithm in effect uses the sloppiness of the hard drive to blur out its own errors. In theory, greater precision by better drives only improves the effectiveness of srm
. However, srm
has a limited effective domain — magnetic and solid-state media — and probably should not be relied upon in other recordable media contexts, such as optical drives, without further study.
The US government recommends complete physical destruction of hard disk data surfaces to guarantee secure data erasure. Presumably, this can be accomplished by abrasion, or by a small amount of thermite ignited over a large, well-ventilated pot containing sand.
The ATA includes the Secure Erase command,[1] which is implemented in all hard drives manufactured after 2001.[2]
Contents |
In Mac OS X, attempting to delete a file with multiple hard links results in the current access path being unlinked but the data itself not being overwritten or truncated, even if the -n
option is specified, which means “overwrite file, but do not rename or unlink it.”
|