bug-coreutils

Default number of overwrites in shred


From: Peter Eckersley
Subject: Default number of overwrites in shred
Date: Wed, 02 May 2007 23:35:06 +0000

Hi!

I was wondering if you would consider reducing the number of default
overwrites for "shred" from 25 to something more like 5?

We'd like to get shred called from more standard packages (starting with
logrotate).  For various reasons, plenty of systems seem to have large
enough log files (10s of megabytes) to make the shred load spike really
nasty on a server.

John Gilmore (CCed) has been arguing very strongly that we shouldn't
have logrotate override shred's default on this, but should instead be
changing shred to get a better default performance/security tradeoff.

The literature seems to say that large numbers of writes (25+) were
barely adequate on old 80s and 90s disks, but that even a single
overwrite cycle is extremely hard to get past on modern disks:

http://www.usenix.org/events/sec01/full_papers/bauer/bauer_html/index.html

http://csrc.nist.gov/publications/nistpubs/800-88/NISTSP800-88_rev1.pdf
(p 16)

I also read a more detailed paper (which unfortunately I can't track
down now) which elaborated that the problem on old disks was that
performing huge numbers of writes today might lay down a lot of data
*next to* where the disk was writing yesterday, but not quite on top of
it.  The spatial location of the heads is much more precise on modern
disks, so this doesn't happen anymore.

-- 
Peter Eckersley                            address@hidden
Staff Technologist                Tel  +1 415 436 9333 x131
Electronic Frontier Foundation    Fax  +1 415 436 9993




