SFill is designed to securely delete data that lies in the available (free) disk space of a medium, so that it cannot be recovered by thieves, law enforcement or other threats. The wipe algorithm is based on the paper “Secure Deletion of Data from Magnetic and Solid-State Memory”, presented at the 6th Usenix Security Symposium by Peter Gutmann, one of the leading civilian cryptographers.
The secure data deletion process of sfill goes like this:
* 1 pass with 0xff
* 5 random passes. /dev/urandom is used for a secure RNG if available.
* 27 passes with special values defined by Peter Gutmann.
* 5 random passes. /dev/urandom is used for a secure RNG if available.

Afterwards, as many temporary files as possible are generated to wipe the free inode space. After no more temporary files can be created, they are removed and sfill is finished.
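The pass order listed above, as an added example that is not sfill's own code: it builds the 38-pass schedule and applies it to a size-capped file instead of filling the disk, and leaves out the inode-wiping step. The function names are hypothetical, and the 27 fixed patterns are taken from the table in Gutmann's paper on the assumption that sfill uses the same values.

```python
import os
import tempfile

# The 27 fixed patterns from Gutmann's paper (assumed to match sfill's values).
GUTMANN_FIXED = (
    [b"\x55", b"\xaa", b"\x92\x49\x24", b"\x49\x24\x92", b"\x24\x92\x49"]
    + [bytes([n * 0x11]) for n in range(16)]  # 0x00, 0x11, ... 0xff
    + [b"\x92\x49\x24", b"\x49\x24\x92", b"\x24\x92\x49",
       b"\x6d\xb6\xdb", b"\xb6\xdb\x6d", b"\xdb\x6d\xb6"]
)

def pass_schedule():
    """1 x 0xff, 5 random, 27 fixed, 5 random = 38 passes (None = random)."""
    return [b"\xff"] + [None] * 5 + GUTMANN_FIXED + [None] * 5

def pattern_block(pattern, size):
    """Return `size` bytes: fresh os.urandom data, or the pattern repeated."""
    if pattern is None:
        return os.urandom(size)
    return (pattern * (size // len(pattern) + 1))[:size]

def overwrite_passes(path, size, schedule, block=32769):
    """Overwrite the first `size` bytes of an existing file once per pass.

    `block` is a multiple of 3 so 3-byte patterns stay in phase across blocks.
    """
    with open(path, "r+b") as f:
        for pattern in schedule:
            f.seek(0)
            remaining = size
            while remaining > 0:
                n = min(block, remaining)
                f.write(pattern_block(pattern, n))
                remaining -= n
            f.flush()
            os.fsync(f.fileno())  # push this pass to the device before the next
    return len(schedule)

def bounded_fill(directory, max_bytes=1 << 20):
    """Capped stand-in for the free-space fill file: wipe it, then remove it."""
    fd, path = tempfile.mkstemp(dir=directory)
    os.close(fd)
    passes = overwrite_passes(path, max_bytes, pass_schedule())
    os.remove(path)
    return passes
```
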
sfill [-fiIlvz] directory
* -f fast (and insecure) mode: no /dev/urandom, no synchronize mode.
* -i wipe only inodes in the directory specified.
* -I just wipe space, not inodes.
* -l lessens the security (use twice for totally insecure mode).
* -v is verbose mode.
* -z last wipe writes zeros, not random data.
cyborg@cyborg:~$ sudo sfill -v -z DIR1
Using /dev/urandom for random input.
Wipe mode is secure (38 special passes)
Wiping now ...
Creating DIR1/oooooooo.ooo ...