android - Safely wipe file content -


how safely delete file content? mean data should unrecoverably wiped, if (intruder) undelete deleted file, 1 find instead of real data garbage?

in practical terms, can't because have no idea kind of medium being used storage , whether blocks can reliably overwritten. true on mobile devices containing flash, has wear-leveling prolong life , isn't guaranteed overwrite same block internally when overwrite block on filesystem. make possible determined adversary gains physical control on medium recover previously-written blocks.

you better off assuming data intercepted , encrypting storage.

this vulnerability has nothing os , medium. shred et al depend on assumption overwriting block in file happens in place. on medium limited write cycles (e.g., flash), unsafe assumption because on-board controller reassigns logical block addresses new blocks of physical memory on writes way delay reaching write cycle limit on physical block. process transparent host. hard disk drives similar way of staving off failures resulting bad blocks.

an adversary has device in hand can transplant flash ics onto new carrier , read entire contents, including blocks discarded controller part of wear-leveling process. haven't checked, wouldn't surprised if controllers in flash devices can put mode allows direct access memory, eliminating need physically tamper @ all.


Comments

Post a Comment

Popular posts from this blog

apache - Add omitted ? to URLs -

i working on website cms reads page name of query string, e.g. http://exmaple.com/?pagename . trying create rewrite rule rewrite ? . so, user types in /pagename , taken /?pagename try this: rewriteengine on rewritecond %{request_filename} !-d rewritecond %{request_filename} !-f rewriterule ^/?(.*) index.php?$1 [l]
Read more

redirect - bbPress Forum - rewrite to wwww.mysite prohibits login -

i using bbpress installation without wordpress integration. the redirect of rewriteengine @ forum site works: rewriteengine on rewritecond %{http_host} ^forum.mysite.com$ rewriterule (.*)$ http://www.forum.mysite.com/$1 [r=301,l] the problem login pppress. bbpress login not recognize: http://www.forum.mysite/bb-login.php . it redirects to: http://forum.mysite.com/bb-login.php . i tried permalink settings none , name based, same issue. does uses redirect in bbpress or how can eliminate "double" content , redirect permanently www.? i redirected www.forum.mysite.com forum.mysite.com , achieved eliminate "double" content.
Read more

php - How can I stop spam on my custom forum/blog? -

so have custom built forum & blog system of late has been dealing lot of spam. if wordpress use akismet, if different common platform i'm sure i'd find plugin. there kind of static class can download this? using php. i'd still go akismet, if it. uses outside of wordpress, may have pay fee it, depending on use -- check terms , conditions -- it's option , easy implement in php using api. use api key wordpress. com account access. basically, grab whichever php client library takes fancy -- use alex potsides' php5 library -- plug in key, , it's handful of lines of code. here's bare bones of validation straight 1 of live sites: ... if ($akismet) { $akismet->setcommentauthor($name); $akismet->setcommentauthoremail($session->userinfo["email"]); $akismet->setcommentauthorurl(""); $akismet->setcommentcontent($sentence);...
Read more