7

I have moved to Ubuntu 12 and chosen to use full disk encryption (encrypted LVM).

So now I'm wondering: should I shred (eg: with secure-delete package, srm) the free disk space to remove any remnant windows might have left?

Is free disk space treated any different?

HappyDeveloper
  • 654
  • 2
  • 6
  • 13

1 Answers1

8

The standard recommendation, is that you over-write a disk/volume with random data before you setup luks. The Ubuntu installer will even offer to do this for you if you select the Expert mode. I don't believe the latest version will do this by default though, but I haven't actually tried it. This is often skipped/ignored because the process will take a long time.

But no, luks does not automatically fill or over-write blocks when it is setup.

Using the psuedo random generator in badblocks (badblocks -c 10240 -wsvt random /dev/<device>)is usually considered good enough and suggested as a good method to wipe a volume by most LUKS guides and HOWTOs.

Zoredache
  • 128,755
  • 40
  • 271
  • 413
  • 2
    at least for SSD you can do a secure erase which is quite fast and zeroes all data, but not sure if that meets the "needs random data everywhere" goal.. – Jeff Atwood Jun 20 '19 at 08:45
  • 1
    Yeah, I am not sure how useful that is for most people. Filling with random data is supposedly to hide from an attacker how much data you have on the device, since random bits are supposed to look the same as encrypted data when you are using modern ciphers. – Zoredache Jun 20 '19 at 17:12