Effectivity of shred on different file systems

Tags: filesystems, security, shred

man shred warns that the command is not useful on file systems that don't overwrite in-place. I don't have much knowledge about the current and upcoming file systems, but I would suspect that many of them support some special in-place write mode for this purpose, which is used by shred.

Am I right in this assumption? Is it already implemented in shred? Is there some way of telling without too much trouble (e.g. when a new file system is announced)?

Best Answer

shred is mostly useless. In order to remove the content of a deleted file from the disk image, it isn't enough to overwrite the places where the file was: you need to remove all copies of the file. It's not just a matter of the file having been overwritten in place. With many types of files, there can be multiple files with mostly the same content, because the file was edited and there are deleted backup copies left around.

Additionally, if the disk becomes damaged, it may be impossible to read the data by software means, but still possible to recover it by hardware means, or by letting the disk cool down (putting a hard disk in a freezer makes it less error-prone for a little while, until it finally gives up the ghost).

The safe way to shred a file is to store it from the start inside an encrypted container protected by a strong password (generate a long enough, random password, and write it down; when you're finished with the file, burn the piece of paper).
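The question also asks whether there is a practical way to tell if a given file system lets shred reach the old blocks. The script below is an added example, not part of the question or the answer above: it builds a throwaway file-system image on a loop device, writes a constructed marker string into a file, runs shred on it, and then counts how many copies of the marker survive in the raw image. It assumes GNU coreutils (shred, dd), a mkfs.<fstype> tool for the type you name, loop-mount support, and root privileges; the file-system type, image size and marker value are all assumptions chosen for the demonstration.

```shell
#!/bin/sh
# Added example: does shred's in-place overwrite reach the old data blocks
# on a given file system? Not code from the original thread.
# Assumptions: root, GNU coreutils, mkfs.<fstype>, loop-mount support.
set -eu

# Constructed marker; long and random enough not to appear by chance.
MARKER="SHRED-TEST-MARKER-7f3a9c2e"

# Count copies of the marker anywhere in a raw image (binary-safe grep).
# $1 = path to the image file.
marker_count() {
    grep -a -o "$MARKER" "$1" | wc -l | tr -d ' '
}

# Create an image of the requested file-system type, write a file holding
# the marker, shred it, and report how many copies remain in the image.
# $1 = file-system type (e.g. ext4, btrfs), $2 = image path, $3 = size in MiB.
test_fs_in_place() {
    fstype=$1
    img=$2
    size_mb=$3
    mnt=$(mktemp -d)

    dd if=/dev/zero of="$img" bs=1M count="$size_mb" status=none
    mkfs."$fstype" "$img" >/dev/null 2>&1
    mount -o loop "$img" "$mnt"

    # Three copies of the marker, written through the file system, then
    # flushed so the raw image really contains them before we shred.
    for i in 1 2 3; do printf '%s\n' "$MARKER" >> "$mnt/secret.txt"; done
    sync
    before=$(marker_count "$img")

    shred -u -n 1 "$mnt/secret.txt"
    sync
    umount "$mnt"
    rmdir "$mnt"
    after=$(marker_count "$img")

    echo "$fstype: marker copies in image before shred=$before, after shred=$after"
    if [ "$after" -eq 0 ]; then
        echo "$fstype: the overwrite reached the old blocks"
    else
        echo "$fstype: $after copies survived; shred is not reliable on this file system"
    fi
}

# Only run the destructive part when invoked explicitly as root, e.g.:
#   sudo sh fs_shred_test.sh ext4 256
if [ "$(id -u)" -eq 0 ] && [ $# -ge 1 ]; then
    img=$(mktemp /tmp/fsimg.XXXXXX)
    test_fs_in_place "$1" "$img" "${2:-256}"
    rm -f "$img"
fi
```

A count of zero after shred only shows that this particular write path overwrote the blocks that held the file; it says nothing about journal copies, snapshots, editor backup files or remapped flash cells, which is exactly why the answer above treats shred as insufficient on its own. Use an image size large enough for the file system's minimum (copy-on-write types typically need more than a few dozen MiB).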
