Thread replies: 17
Thread images: 1
Thread images: 1
Anonymous
I may have found a bug that compromises secure erasure 2017-02-01 11:46:20 Post No. 58748129
[Report] Image search: [Google]
I may have found a bug that compromises secure erasure 2017-02-01 11:46:20 Post No. 58748129
[Report] Image search: [Google]
File: bleachbit-628x356.jpg (43KB, 628x356px) Image search:
[Google]
43KB, 628x356px
I may have found a bug that compromises secure erasure
Anonymous
2017-02-01 11:46:20
Post No. 58748129
[Report]
I have been running experiments on disk wiping and data shredding during the last 3 weeks, and I just ran into something very wrong by a mere coincidence. I do not know if this is a bug with Bleachbit or with Linux, but I'm inclined to think it's on BB because of reasons I will mention below. The short version is that I have been creating 'target' files to test different cleaning and safe erasure tools and methods; basically I'm shredding the files and/or wiping the free space after deleting them, and then trying to recover the file, corrupted fragments, metadata, or whatever that can prove the existence of said file before the procedure. I have been comparing several procedures and gathering data about their effectiveness and other parameters, and I have been using different kinds of 'target' files such as several image formats, plain text files, and compressed files.
All of this isn't really the problem; shredding and wiping have been working as intended with all the tools and methods I have tried, on both Debian Jessie and Windows 7, running ext4 (I'm not journaling stuff) and NTFS file systems. The problem I've run into is that both Debian and BB have failed to clean the thumbnails and the thumbnail cache, even though I have instructed them to do so several times and with the proper privileges. I had not realized this through my experiments because the scope was the free space, fundamentally, I have identified 2 reasons:
1.- I never bothered to go and check those 7 directories with thumbnails because I had no reason to assume that they weren't being cleaned.
2.- When I performed the forensic procedures (also testing several tools) I only focused on the free space, since I had no reason to think that the thumbnails weren't being deleted.
CONT
>>
>>58748129
Disregarding the details of the experiments on the free space, since they're not relevant to the bug, these are the things I've done that should've affected the thumbnails and thumbnail cache:
>ran BB as root and performed a cleanup with all the options marked and no exceptions in the exception list; also marked the option to overwrite the deleted stuff.
>same as above but with my privileges instead of root's; the marked options in both cases included the thumbnails and thumbnail cache, so the expect result is that the relevant folders (for both root and my user) should contain nothing prior to the cleanup.
>my Debian is setup to delete temporary files, usage records, and trash older 14 days. I have also triggered it manually, but I do realize that nobody claimed this option gets rid of the thumbnails too; therefore I'm inclined to think that it is normal that Debian doesn't clean the thumbnails, but BB should do it, since it says specifically that it will do so
CONT
>>
>>58748133
All these procedures I have performed at least two dozen times during my experiments, as well as free space wipes and other things not relevant to the issue, since the fucking thumbnails never got deleted in the first place. Hours ago I decided to test to make sure that the thumbnails generated by Nautilus don't get mixed with the other ones, so I decided to browse a flash memory with 'target' files using Nautilus to generate the thumbnails while inspecting the concerning directories, and I was very surprised to see that I have thumbnails and cached thumbnails from as far as 8 months back, roughly when I installed this OS. This is valid for both the user and root, and in my distro they're specifically these directories:
~/.cache/thumbnails/fail/
~/.cache/thumbnails/large/
~/.cache/thumbnails/normal/
/home/anon/.cache/thumbnails/fail/
/home/anon/.cache/thumbnails/large/
/home/anon/.cache/thumbnails/normal/
/home/anon/.thumbnails/normal/
CONT
>>
>>58748140
All of these contain thumbnails that should've been deleted by BB; many of them are from 'target' png and jpeg files, and many others are from non-target files such as old PDFs, scanned stuff, cat pictures, screenshots I took from anime and porn, and more stuff that I can certainly identify as really fucking old. For reference, I run Debian Jessie, and I am a GNOME guy myself, even though some people say that other DEs are supposed to be better; it's just that old habits always come back, and I always end up running GNOME. I don't rice or do any kind of modifications, I don't even change the wallpaper; all I do is install application software that I need and work with files, and occasionally I make sure that the system's settings are appropriate for what I intend to do (e.g. I made sure that journaling wasn't set to data=journal before my shredding experiments) and I always find that the default settings are good enough, so my system is pretty much as it comes OOTB. The only proprietary things I have are Java (actual Java), Steam (and games), and some contrib stuff (who doesn't?) that shouldn't be related to this anomaly.
I'm hoping that this is something inane that's only wrong with my system, but I guess it's better to post this and find out. Lastly, there is a thing that always looked wrong to me: whenever BB would clean stuff and overwrite the space it was in (because I always ticked the setting), it would almost end instantaneously. From running the same cleanup on Windows with CCleaner I have seen that it takes a few minutes to shred the cleaned temp files, but I never gave it a second thought because I'm freetarded and I figured that somebody would've noticed something wrong with BB. Fuck me sideways.
CONT
>>
>>58748152
By the way, no SSDs were used ever, for nothing; just 4 HDDs.
>TLDR
TLDR:Bleachbit doesn't delete the thumbnails and cached thumbnails on my system; also I have reasons to suspect that it doesn't overwrite deleted stuff when told to do so. This statement is true no matter what user runs it (even root). If you run GNU/Linux, please consider taking 3 minutes to test this yourself and reporting back the results; all you need to do is to mark all the thumbnail-related stuff (although a full cleanup is better) and run the cleanup, preferably once as root and once as non-root, then go to the thumbnail and cached thumbnails directories of those users,and if they're still full of old shit then it isn't working for you either. I'm hoping that one of the first replies will tell me that I'm retarded because I ignored something obvious that everyone knows; by all means, please do it.
END
>>
interesting, I'll test it
>>
>>58748159
>I'm hoping that one of the first replies...
>implying that I'll get replies
It's 6 in the morning and I need to sleep, I hope you fags don't let it die just like that and then in 10 years complain about how nobody noticed a huge bug in the source. I swear I told you about dirty COW like 3 years ago but nobody believed me. Out.
>>58748200
Checked your digits.
>>
Bump for OP, interested in results
>>
>>58748129
Report to bleachbit you dummie
>>
>>58748129
>Relying on meme-were for your security/privacy
At least try next time.
>>
Tell the FBI so they can look at Hillary's email server again.
>>
>>58749891
Sure, even they aren't stupid enough to rely on bleachbit
>>
>>58749616
Or, you know, just use something that works like shred.
>>
rip
>>
Sooo... you didn't delete the files and they were still there? I fail to see the problem.
Next time actually delete the files.
>>
Windows secure erase has the same problem.
>>
Stop excusing it you shills.
>>58749950
Bleachbit works as intended for shredding files and folders manually and also for wiping free space, that's not the issue here. Also a solution like BB has many advantages because it allows you to clean stuff from many places at once, if you had to use shred to delete the files, thumbnails, list of recently opened, cache, and other similar traces manually it would be inconvenient; a cleaning program makes it easier and in theory makes sure you didn't forget anything, but the problem is that ticking the option to delete the thumbnails and thumbnail cache does nothing. Regarding wiping, when I said that it doesn't wipe I was referring to overwriting files deleted on cleanup, not to the "wipe free space" function that you trigger manually, because that one works just fine.
>>58751663
The problem is that you didn't read the post.
Thread posts: 17
Thread images: 1
Thread images: 1