One Big File Is Not Enough: A Critical Evaluation of the Dominant Free-Space Sanitization Technique

  • Simson L. Garfinkel
  • David J. Malan
Conference paper

DOI: 10.1007/11957454_8

Part of the Lecture Notes in Computer Science book series (LNCS, volume 4258)
Cite this paper as:
Garfinkel S.L., Malan D.J. (2006) One Big File Is Not Enough: A Critical Evaluation of the Dominant Free-Space Sanitization Technique. In: Danezis G., Golle P. (eds) Privacy Enhancing Technologies. PET 2006. Lecture Notes in Computer Science, vol 4258. Springer, Berlin, Heidelberg

Abstract

Many of today’s privacy-preserving tools create a big file that fills up a hard drive or USB storage device in an effort to overwrite all of the “deleted files” that the media contain. But while this technique is widespread, it is largely unvalidated.

We evaluate the effectiveness of the “big file technique” using sector-by-sector disk imaging on file systems running under Windows, Mac OS, Linux, and FreeBSD. We find the big file is effective in overwriting file data on FAT32, NTFS, and HFS, but not on Ext2fs, Ext3fs, or Reiserfs. In one case, a total of 248 individual files consisting of 1.75MB of disk space could be recovered in their entirety. Also, file metadata such as filenames are rarely overwritten. We present a theoretical analysis of the file sanitization problem and evaluate the effectiveness of a commercial implementation that implements an improved strategy.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Simson L. Garfinkel
    • 1
  • David J. Malan
    • 2
  1. 1.Center for Research on Computation and SocietyHarvard University 
  2. 2.Division of Engineering and Applied SciencesHarvard University 

Personalised recommendations