maemo.org - Talk (https://talk.maemo.org/index.php)
-   Maemo 5 / Fremantle (https://talk.maemo.org/forumdisplay.php?f=40)
-   -   script to wipe all sensitive user data - guinea pigs (/lemmings) wanted, apply within! (https://talk.maemo.org/showthread.php?t=69518)

9000 2011-02-09 01:56

Re: <s>xterm command</s> script to wipe <s>all</s> sensitive user data?
 
Quote:

Originally Posted by festivalnut (Post 939110)
in my alternate life as an international man of mystery i may at some point have to wipe all my data in an emergency, i know there is a short xterm code to completely erase everything, but i want the phone to still be usable, i was just wondering if there is a xterm code that will wipe all user data but leave the os intact? then i can queen beecon it and if the commies catch me i can hit the button and nobody has to die. yet.

p.s. this post will self destruct in 3hours.

Mr. A. Anderson, you go by the hacker alias festivalnut, and are guilty of virtually every computer prank we have a law for. By posting here you're automatically put on the watchlist, so I fully understand the level of emergency you're now facing.

I tell you what, merely rm -f is not enough to protect your hard-earned data from law-enforcement agents. Encrypted data is also out of the question, as they have all the methods to make you spew out the passcodes, along with your blood.

What you need is to overwrite /dev/mmcblk0p1 with carefully selected pattern algorithms that are compliant with DoD 5520.22-M or NNSA NAP-14.x, at least 7 times. Failing to do so, your erased data can be recovered with very simple forensic data recovery equipment in just 5 minutes.

There's an open-source program called scrub which implements the necessary algorithms to safely erase your data. However, at the time of speaking the official scrub download area seems to have been removed from public viewing. I'm afraid somebody is onto you.

So now you need a quick script for the emergency:

Code:

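# Unmount the partition so it can be overwritten
umount /dev/mmcblk0p1
# Overwrite it with random data, over and over, until the device is shut down
while true
do
    dd if=/dev/urandom of=/dev/mmcblk0p1 bs=1024 count=28312128
done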

The above script will run in an infinite loop until you shut down your device. The reason for running dd in an infinite loop is obvious: when you're being held in custody and your N900 is being confiscated, you want your data to be erased as many times as possible so that the data can't be recovered even with military-grade recovery devices. Of course, dd takes time; you must run (literally) as far as you can after you trigger the script so that the dd command can complete at least 10 overwriting cycles before you get caught. You need to run for at least 10 minutes for the destruction sequence to be completed.

Hope this helps.

P.S. Be honest, you just want to keep your secret from your wife, don't you? In this case running that dd command above once is okay, unless she's working for DoD or FBI.

festivalnut 2011-02-09 02:02

Re: xterm command to wipe all user data?
 
Quote:

Originally Posted by Cue (Post 939580)
dpkg --get-selections > mypackages
dpkg --set-selections < mypackages

:D

first to backup and second to restore i presume? awesome! i may be a lot more willing to break stuff in future! :)

festivalnut 2011-02-09 02:14

Re: <s>xterm command</s> script to wipe <s>all</s> sensitive user data?
 
Quote:

Originally Posted by 9000 (Post 939581)
Mr. A. Anderson, you go by the hacker alias festivalnut, and are guilty of virtually every computer prank we have a law for. By posting here you're automatically put on the watchlist, so I fully understand the level of emergency you're now facing.

I tell you what, merely rm -f is not enough to protect your hard-earned data from law-enforcement agents. Encrypted data is also out of the question, as they have all the methods to make you spew out the passcodes, along with your blood.


hahaha love it! but a little too extreme, perhaps overwriting the deleted segments a few times may be prudent to satisfy paranoia, but a ten minute jog waiting on complete digital annihilation is just not on the agenda!

Quote:

P.S. Be honest, you just want to keep your secret from your wife, don't you? In this case running that dd command above once is okay, unless she's working for DoD or FBI.

lol no, really, i don't have a wife, not enough time these days with all the international subterfuge and dictator toppling, and if i did she'd have to be comfortable with my alter-ego! (and tolerant of occasional fantasies and random weirdness!)

Cue 2011-02-09 02:34

Re: <s>xterm command</s> script to wipe <s>all</s> sensitive user data?
 
Quote:

first to backup and second to restore i presume? awesome! i may be a lot more willing to break stuff in future!

yep, it's pretty useful after a flash or if you want to clone an N900. The first just makes a list of all your installed packages. The second just selects them so you can install them by doing

sudo apt-get -y update
sudo apt-get dselect-upgrade

This installs them automatically without having to open an app manager and select them individually. Just to be clear, this will not back up and restore app user data; it will just install all the apps you had before, fresh.

mooglez 2011-02-09 06:49

Re: script to wipe all sensitive user data - guinea pigs (/lemmings) wanted, apply within!
 
I would imagine there is some wear leveling in place for the memory, so when you try to selectively overwrite a given block, the controller will automatically redirect that write to the least used blocks instead.

overwriting all free space is needed to prevent easy recovery

talmage 2011-04-07 13:23

Re: <s>xterm command</s> script to wipe <s>all</s> sensitive user data?
 
Quote:

Originally Posted by 9000 (Post 939581)
What you need is to overwrite /dev/mmcblk0p1 with carefully selected pattern algorithms that are compliant with DoD 5520.22-M or NNSA NAP-14.x, at least 7 times. Failing to do so, your erased data can be recovered with very simple forensic data recovery equipment in just 5 minutes.

That might not be sufficient for flash memory. The "Data on Solid State Drives" section of Wikipedia article about data remanence explains it.
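
A toy model of the wear-leveling behaviour described in the two posts above, as an added example that is not part of any post in this thread. `ToyFlash`, its least-worn allocation policy and the page counts (64 logical blocks, 8 spare) are simplifying assumptions, not the N900's actual eMMC controller; the point is that host-side overwrites land on whatever physical page the controller picks.

```python
import os

SECRET = b"constructed-secret"   # constructed sample data


class ToyFlash:
    """Simplified FTL model (an assumption, not any real controller's algorithm)."""

    def __init__(self, logical, spare):
        n = logical + spare
        self.pages = [None] * n   # physical page contents
        self.wear = [0] * n       # program count per physical page
        self.l2p = {}             # logical block -> physical page
        self.retired = set()      # pages the controller no longer allocates

    def write(self, lba, data):
        # Wear leveling: program the least-worn unmapped page, then remap.
        busy = set(self.l2p.values()) | self.retired
        free = [p for p in range(len(self.pages)) if p not in busy]
        target = min(free, key=lambda p: (self.wear[p], p))
        self.pages[target] = data
        self.wear[target] += 1
        self.l2p[lba] = target    # old page becomes stale; its data is untouched

    def raw_contains(self, data):
        # What a chip-level read sees: every physical page, mapped or not.
        return data in self.pages


def secret_survives(lbas, passes, retire_old_page=False, logical=64, spare=8):
    """Fill the device, overwrite `lbas` `passes` times, check raw flash for SECRET."""
    flash = ToyFlash(logical, spare)
    flash.write(0, SECRET)
    for lba in range(1, logical):
        flash.write(lba, b"other")
    if retire_old_page:
        flash.retired.add(flash.l2p[0])   # controller marks the page bad...
        del flash.l2p[0]                  # ...so block 0 is remapped on next write
    for _ in range(passes):
        for lba in lbas:
            flash.write(lba, os.urandom(16))
    return flash.raw_contains(SECRET)
```

In this model a 7-pass overwrite of block 0 alone (`secret_survives([0], 7)`) leaves the old copy in raw flash, one pass over every block (`secret_survives(range(64), 1)`) removes it, and with `retire_old_page=True` even ten full passes do not reach it.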

figaro 2011-04-07 14:06

Re: <s>xterm command</s> script to wipe <s>all</s> sensitive user data?
 
Quote:

Originally Posted by talmage (Post 983658)
That might not be sufficient for flash memory. The "Data on Solid State Drives" section of Wikipedia article about data remanence explains it.

uuhh, yeah.. off topic. so, expecting an 'srm' in maemo is impossible because it's practically ineffective?
but still I think it's still better to have a secure erase tool (even 1 pass zero bytes) rather than stuck with standard 'rm' where all deleted files can be easily spotted directly from the device using testdisk or any file recovery tool available on maemo

