fwipe: Securely Erase Files

When you delete files from disk, you are not deleting your
data! All that is removed is an entry in a directory, telling 
where your data is. Utilities like Norton's Disk Doctor, and
lots of others, can pretty easily undelete your files. (Did
you read the footnotes in the Starr report? Some of the evidence
in that report came from "deleted emails".)

I use secure file deletion all the time. My company-issued laptop
contains private emails, as well as sensitive financial information.
Although my boss is unlikely to undelete and read that stuff, I
believe in taking the same precautions with electronic information
as I would with information on paper (which I always shred--even
the junkmail).

For two years or so, I've used a simple shell script for erasing
files. The script was published in the Linux Gazette as a "2-cent
tip" entitled Binary File Access with dd. Although the script was
adequate, I've grown tired of its pitiful slowness.
(See: http://www.nb.net/~lbudney/linux/misc/dd.html)

Enter fwipe. fwipe implements the same concept in C, and runs at
least 30 times faster than the shell script. It was designed with
security in mind: fwipe0, which actually erases your files, is
immune to filenames containing spaces, carriage returns, dashes,
or any other special characters (see the man page). You can use it
in place of rm in cron jobs, together with "find ... -print0". The
output of fwipe0 is specially designed to be parsed easily by machine,
so it can be embedded in other applications which need secure file
erasure.

One such application is Dan Bernstein's serialmail. You can use serialmail
plus fwipe0 to securely erase the contents of a maildir with the command:

      maildirserial dir prefix fwipe0 -n


Changes:

0.35. - Changes: Added RPM spec file.
0.30: - added "slowness" feature to reduce I/O load and improve console
        responsiveness during large wipes. 
0.25: - switched to unbuffered writes to reduce CPU consumption
      - bugfix--now fwipe overwrites with 0's and 1's

Licensing

fwipe is issued under the BSD license. Some of the source code for
fwipe was borrowed from Dan Bernstein, who has not specified what
license applies to his code. From his public remarks, I am confident
that he doesn't care what is done with his code, as long as:

1.	Nobody thinks that Dan is responsible for your project,
2.	Nobody thinks that Dan endorses your use of his code, and
3.	Nobody bothers Dan about problems with your project, including code borrowed from him.

Note that these restrictions are really a restatement of the spirit of
the BSD license. If you use any of my code, I don't want people bothering
me, either! The BSD license, together with the DBD (``Don't Bother Dan'')
clause, is included in the fwipe distribution. You can also read it
here: http://www.nb.net/~lbudney/linux/software/fwipe/COPYING.txt

Contact 

Send any patches, bugs, complaints, free beer, etc to Len Budney lbudney@pobox.com 

The fwipe homepage is located at:

	http://budney.homeunix.net:8080/users/budney/linux/software/fwipe.html

Cryptographic signatures and checksums may be provided by 
the developers at the URL(s) above.  Wiretapped recommends
that users check these before use of the software/information.