Software

LINUX PICKS AND PANS

Once It’s Motivated, Wipe Really Takes Out the Garbage

Wipe

Wipe via the Nautilus file manager

My quest for a secure file deletion app started by accident. But it resulted in my finding a solid solution with Wipe.

My approach to making sure nobody harvests sensitive data from my cast-away aging equipment is to never give it away. Instead, I yank the hard drive from the computer’s innards and literally drill it full of holes. Then I smash it flat with my trusted sledge hammer.

Hey, that method works well for me. By the time my home office of more than a half-dozen desktops, laptops, netbooks and tablets are ready for blunt force trauma, they no longer have much usable life left.

But a colleague asked me to make sure his old computer that he was gifting to a relative would not reveal any hidden secrets. So my remove-and-smash strategy was not a solution for my cautious compadre.

Wipe got the job done despite my hesitation to trust an app that only runs from a CLI (Command Line Interface). It took me a bit to do its required set up. However, the results it delivered convinced me to run it on my own machines to render sensitive data that I delete irretrievable.

Uncharted Turf

Secure file deletion is not a concept that computer users typically confront. Unless they are indoctrinated about digital dangers, hitting the “delete” key is often regarded as tantamount to ridding the computer of its refuse.

But that is not a correct assumption, even for the otherwise safe and secure Linux OS. All deleting a file does is alter its directory listing to tell the OS its space is available for saving something else. Time is a factor here. That freed-up space may sit there exposed for days or weeks, or even longer.

Very simple tools let computer users “undelete” this potential new free space on the hard drive by changing the deleted file markers back to what they were. Even worse, computer experts can get under the overwritten storage space to retrieve the original contents.

Do not think that reformatting the hard drive will remove all your private data. Wrong assumption! Skilled computer folk can still access your fluff and stuff. Reformatting a drive is not the same thing as wiping its data.

Immediacy Is Imminent

Wipe eliminates these discovery and retrieval threats. The app immediately overwrites the deleted files as soon as you issue the wipe command. It overwrites the deleted files multiple times, making retrieval much less likely even by computer forensic experts.

If you rely on file-encryption programs, you might have a false sense of security over your deleted files. For example, strong encryption is not much protection if your deleted original text or document files can be recovered. This exposure happens when the encryption program fails to treat them as temporary files and keep them off the platter and instead in an encrypted file system.

Wipe makes the process less daunting, even without a menu entry. It adds a right-click menu option to the Nautilus file system if you configure the app properly. This eliminates the need to run Wipe only from a terminal window.

Unfriendly Field

Normally, I would have rejected Wipe as being too techie for general consumer use. I also reject the notion that if I use Linux, I must accept tools that require comfort with terminal functionality.

After all, subjecting users to Unix-like environments defeats the goal of Linux adoption for all. But I also view using Linux as part of my expanding computing horizons. And the security that Wipe provides was important.

Still, I think it is time enough for the open source community to make file wiping much more user-friendly. I have not found any effective disk-wiping package that comes with its own GUI. So Wipe is a necessary evil that gets the job done with a minimum of user difficulty.

Getting It

Wipe is available in packages for most Linux distros. This includes Debian GNU/Linux and Ubuntu.

Since I run various Ubuntu versions on most of my computers, I had no difficulty using Ubuntu’s Software center to install Wipe. To test out other options, I also did a manual install on some of my gear. That process is relatively simple. Here is how to do it.

Open a terminal window and enter:

sudo aptitude install wipe

Using It

That puts Wipe on your system. But do not look for a menu entry as no exists. You must run Wipe from a terminal window like this:

wipe -h

That command displays all the parameters. This is the mildly intimidating part. Just spend some time familiarizing yourself with the commands. Match what you want to do to what commands switches will accomplish your goals. Then enter your specific parameters.

For example, the syntax is relatively simple. It follows this pattern: wipe [options] path1 path2

A typical command entry would look like this:

wipe -rf /Jack/home/

-r is the wipe every file option. -f forces file wiping and suppresses permission warnings. The rest of the command specifies the location on the hard drive.

Another Way

Using the CLI approach is a suitable yet slightly cumbersome way to securely remove deleted files from portions of your hard drive. It also is a handy way to wipe your data areas in bulk.

Another method is available to keep a wiped drive clean or a new hard drive snooper free. An add-on tool lets you run Wipe more easily as a right-click menu option in the Nautilus file manager.

Use the package manager to install the Nautilus Actions Configuration tool. Once it is installed, run Nautilus Actions Configuration from the System / Preference / Nautilus Actions Configuration menu on the Desktop panel.

Configure It

Click the Add button in the configurations menu. Then enter these details in the action panel.

Label: Wipe

Tooltip: Wipe utility to securely erase files

Icon: gtk-dialog-warning

In the command panel enter these details.

Path: wipe

Parameters: -rf %M

Next, click on the Conditions tab. check the box indicating “both” under the Appears if selection contains option. Also check the OK box for the option that says, “Appears if selection has multiple files or folders.”

Final Steps

Complete the setup process by opening a terminal window and entering the following commands to update the Nautilus right-click menu.

nautilus -q {enter}

nautilus {enter}

Now every time you delete a file that has sensitive or personal information, do it through the Nautilus right-click menu. You will see the Wipe choice in the list.

Just place the mouse on the file name. Right click and select the wipe command in the menu.

Bottom Line

Once you have Wipe installed and the right-click menu tool added, securely deleting files is quick and simple. The application automatically handles the multiple pass overwriting routines.

Wipe repeatedly writes special patterns to the files to be destroyed. It uses the “fsync()” call and/or the “O_SYNC” bit to force disk access.

A few related secure deletion tools are available for Linux systems. But they are much more laborious to use. Until developers build a graphical front-end for secure deletion tools, Wipe is as close as it gets to combining ease-of-use with effective secure file deletion.

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

More by Jack M. Germain
More in Software

LinuxInsider Channels