Writing a file shredder in python or ruby?

Asked 3/5, 2010 at 14:48 Answered 3/5, 2010 at 21:3

In the effort to learn python and/or ruby, I was wondering how a file shredder would be implemented? I would like it to take in a file as an argument and then employ an algorithm to make that file unrecoverable. Would possibly add the support for multiple files or even whole directories later.

Duenas answered 3/5, 2010 at 14:48 Comment(2)

Hmm... have you done any research on how file shredders work in general? – Prophetic 3/5, 2010 at 14:55

Yes, I have a relatively basic understanding. Usually the memory location where the file is stored is overwritten several times; all 0's, then all 1's, then a random assortment. Not this exactly every time, but something relatively similar – Duenas 3/5, 2010 at 15:1

Just as a warning, shredders generally will have varying levels of success on modern systems, thanks to journals, copy-on-write file systems, wear leveling (flash), and other techniques used in modern system. Might wanna check out wikipedia on some of the pitfalls.

In short, you'd need to be able to write directly on top of the currently existing data. There's a few different patterns of varying levels of security, but often if you overwrite the file about 25 times with random data (rounding up to the next block size) the file should be completely unrecoverable (at least that copy of the data). There are other techniques that can securely overwrite it in less passes (3 passes, random, ones, then zeros also works decently well).

Putandtake answered 3/5, 2010 at 15:0 Comment(5)

With newer hard drives, even one overwrite with random data is enough to kill any software-based recovery scheme and to make hardware-based recovery rather tough. Of course, modern systems tend to do crazy things that prevent that overwrite from really happening. E.g. Windows has shadow copies of files that it keeps for who knows how long. Since they tend to be partially based on time, overwriting a file will have no effect no matter how many times you do so. Hardware based wiping is usually pretty reliable, though that gets rid of ALL data; it's not selective. – Spearwort 3/5, 2010 at 15:8

Ok, so how would i overwrite a file at its current location? – Duenas 3/5, 2010 at 15:46

@pmilb21, you missed the point. You can't overwrite a file at its current location with a modern file system. The only way to shred data is to unmount the disk open it as a block device and shred its entire contents. – Bride 3/5, 2010 at 16:51

Ok, so then what do the file shredders like File Shredder and the shredder that comes with spybot search & destroy do? – Duenas 3/5, 2010 at 17:8

@Brian, yep, forgot to mention about that. @pmilb21, At best, they'll overwrite the current contents of the file (if using low level access), but they won't be able to do anything about indexed, cached, and prior copies laying around on the disk in space currently marked 'free'. You can defeat simple 'undelete' programs, but the more complicated ones and criminal forensic techniques will search in a multitude of ways in an attempt to rebuild the file. – Putandtake 3/5, 2010 at 20:4

Since this is a learning exercise and not a professional attempt to secure data. How about this: 1. Discover the length of the file. 2. Write 0's to the same length of the file. 3. Save the file. 4. Delete the file.

Then make another program that tries to recover the file.

But yes, if looking to make something professional and not just an exercise, look into kitsune's answer.

Gerhard answered 3/5, 2010 at 21:3 Comment(0)

Recommended topics

Hot tags