Drobe :: The archives
About Drobe | Contact | RSS | Twitter | Tech docs | Downloads | BBC Micro

FileNuke app in wet fizzle claim

By Chris Williams. Published: 2nd Oct 2005, 17:37:56 | Permalink | Printable

BPUT doesn't quite cut it, say fellow coders

RISC OS security motifConcerns have been raised over the effectiveness of Paul Vigay's evidence destroying software, FileNuke. The program claims it offers "military grade" removal of information from magnetic media, so that there is "no chance of data recovery, even by the most hardened forensic scientists."

The software works by repeatedly overwriting a file with random and predefined data. In theory, experts will then be unable to scan the magnetic media for the original file if the disc was ever seized or stolen. However, as pointed out by a few fellow coders, the RISC OS filesystem tends to move the position of files around the surface of the disc when the files are extended in size or the filesystem is reorganised. This means fragments of files tend to be scattered around the disc.

According to the BASIC source code distributed with FileNuke, the application only removes a given file from its current position on the disc, and does not remove partial fragments potentially littered around the disc. This means aforementioned forensic scientists could recreate a supposedly destroyed file.

One programmer whispered, "I applaud anyone developing for our market and don't like stomping on anyone's efforts, but I'm concerned that this is misleading people into a false sense of security and is being falsely promoted."

Paul was unavailable for comment.

Links

Paul Vigay's website

Previous: Software news
Next: Star Fighter upgrade in free for all

Discussion

Viewing threaded comments | View comments unthreaded, listed by date | Skip to the end

A similar utility by Sergio Monesi ( [link] ), which is unfortunately not 32-bit compatible, had an option to wipe all of the free space on a drive.

This should solve the problem, so perhaps Paul could consider adding a similar option to FileNuke? It certainly has the potential to be a very useful utility, in my opinion.

 is a RISC OS Userflypig on 2/10/05 8:28PM
[ Reply | Permalink | Report ]

There is, also, Nat Queen's Erase:

[link]

I don't know whether or not that succombs to the same failing as FileNuke, though.

 is a RISC OS Userrichcheng on 3/10/05 2:20PM
[ Reply | Permalink | Report ]

They all will unless they contain code to find the free space on the disc. This can either be done by directly reading the disc map (like DiscKnight), or there is a quick cheat - capture the information from the *Map command which gives the start address and length of each block (as done by !FreeMap). xxFS_DiscOp commands then can be used to blat these areas. All other disc operations must be prevented while this is occuring otherwise FileCore may recompact or allocate the space causing files to be corrupted.

 is a RISC OS Userdruck on 3/10/05 3:02PM
[ Reply | Permalink | Report ]

From what I'm reading here, though, is wiping a disk's free space enough? Could the file you want to wipe have not previously been stored where a different file now is? If it requires an area of the disk to be overwritten multiple times before the data is irretrievable then the file could still be found. Or have I got things completely wrong? :-)

 is a RISC OS Userben on 6/10/05 9:00AM
[ Reply | Permalink | Report ]

There is another couple of features of FileCore that are security issues in this context. The first is that if space is reunsed for another file, the unused part of the last sector is not wiped leaving a small amount of original data. Not normally very useful, but plenty large enough for a fragment of text file containing a password or credit card details. The other is that when space is reserved for a new file either by the *Create command or by the filer when it starts a copy, the original contents of the space is not wiped, leaving the data visible in the file after the *Create or if the filer copy is then interrupted - the exception is when the copy is over ShareFS when the space is wiped before copying (leading to a long delay for large files) to prevent external users grabbing the data.

As for multiple overriting, this is only necessary for the most paranoid who see black helicopters everywhere, as there are very few origanisations capable or interested in retreiving erased data from your system. Its far more important to ensure the data is just overwritten once before you put your old drive on ebay or the charity stand at a show. IN which case FileNuke is not the correct tool, you need to overwrite every sector on the disc, which eliminates all the above problems with file fragments. Then reformat it so its usable by the next owner.

 is a RISC OS Userdruck on 6/10/05 9:58AM
[ Reply | Permalink | Report ]

Perhaps this issue applies to most secure delete apps.

More often than not re-saving a file results in deltion of the old one and then saving the new one, thus no guarantee for re-use of the previous disc blocks at all. If one of those blocks is then used by another file it is just overwritten once - far from military grade. Thus wiping the free disc space is no real help either. And then think about the defragmentations ...

Thus my guess is that the only really safe deletion is deleting the whole hard disc (or partition).

 is a RISC OS Userhzn on 16/10/05 9:42AM
[ Reply | Permalink | Report ]

Please login before posting a comment. Use the form on the right to do so or create a free account.

Search the archives

Today's featured article

  • Electric Light Show review
    Throw some crazy shapes on your desktop
     4 comments, latest by SimonC on 30/7/05 1:15PM. Published: 29 Jul 2005

  • Random article

  • New TechWriter style editor revealed
    Word 2K export to be included in next major release
     4 comments, latest by martin on 17/10/07 9:33PM. Published: 14 Oct 2007

  • Useful links

    News and media:
    IconbarMyRISCOSArcSiteRISCOScodeANSC.S.A.AnnounceArchiveQercusRiscWorldDrag'n'DropGAG-News

    Top developers:
    RISCOS LtdRISC OS OpenMW SoftwareR-CompAdvantage SixVirtualAcorn

    Dealers:
    CJE MicrosAPDLCastlea4X-AmpleLiquid SiliconWebmonster

    Usergroups:
    WROCCRONENKACCIRUGSASAUGROUGOLRONWUGMUGWAUGGAGRISCOS.be

    Useful:
    RISCOS.org.ukRISCOS.orgRISCOS.infoFilebaseChris Why's Acorn/RISC OS collectionNetSurf

    Non-RISC OS:
    The RegisterThe InquirerApple InsiderBBC NewsSky NewsGoogle Newsxkcddiodesign


    © 1999-2009 The Drobe Team. Some rights reserved, click here for more information
    Powered by MiniDrobeCMS, based on J4U | Statistics
    "We accept Drobe likes to be [controversial], no problem there - but a sinister pattern has appeared over the past year or so"
    Page generated in 0.0842 seconds.