Protect Your Data from Glowfriends! (Recovering & Deleting Data)
Ғылым және технология
You should know that when you "delete" a file on your computer in your operating system, whether Linux, Windows or Mac, the file is not really deleted or overwritten until the space is needed for new data. This is beneficial when you accidentally delete a file, but is dangerous when you "delete" a sensitive file and falsely feel like you're safe.
Linux has the command `shred` which overwrites files with random data, which solves this issue. You can also output /dev/urandom or /dev/zero to blank or distort empty space on a drive.
Even in the case of encrypted drives, it's a good idea to use /dev/urandom or obscure unused or previously used space to prevent metadata leakage about how much you've stored on the drive or what used to be on it, in a way that could tie you to an important USB drive or computer.
00:00 No data's every really gone!
01:49 Gist
03:37 Dangers of File Recovery
04:50 Good Op-sec
05:56 `shred` to overwrite and delete files
08:09 /dev/urandom and /dev/random
09:44 Blanking or shuffling drives with randomness
11:11 /dev/zero
12:22 Encrypted drives can still leak metadata!
15:01 Retroactively wiping empty space on an encrypted drive
16:12 Benefits and Dangers
My website: lukesmith.xyz
Classical books reprinted by me: lindypress.net
Get all my videos off KZread: videos.lukesmith.xyz
or Odysee: odysee.com/$/invite/@Luke:7
Please donate: donate.lukesmith.xyz
BTC: bc1qd20r7phdct3t0e0z6jqs55ulectg25pngt7hyl
XMR: 89yML3AtqnTNdo3wNuoaW44D94Zx1kBZNSBc9SyNxGdaKEZwZNdVzvy9zpbzJMzysiWZEU3b5LwjQ3XwWuQsknCF8JK73yv
OR affiliate links to things l use:
www.vultr.com/?ref=8384069-6G Get a VPS and host a website or server for anything else.
www.epik.com/?affid=we2ro7sa6 Get a cheap and reliable domain name with Epik.
Пікірлер: 168
In TempleOS, when you delete data it gets recalled back to God's Kingdom. Safe from all the glowies who are reddit-tier athiests.
@bw2247
Жыл бұрын
based and TAD-pilled
@sourcey6620
Жыл бұрын
rip king terry
@TroyFletcherKeyboards
Жыл бұрын
Amen
@lucastrever
Жыл бұрын
fr though, does it handle deletion in a special way?
@chrisphoenix115
Жыл бұрын
cold
A note about hard disk drives. It's possible that if you overwrite with 0 that some of the original data can be recovered from the edges of the original track. Programs exists that tell the HDD to overscan the magnetic area to try to recover the old data and Feds 100% use this. That's why the industry standard is to wipe with 0, then fill with random data, then wipe to 0 again.
@ImperiumLibertas
Жыл бұрын
Military standards are 5 wipes of high entropy random data. I wouldn't do any less for anything sensitive.
@AnotherAvaibleName
Жыл бұрын
@@ImperiumLibertas "Military standard" is meaningless nowadays.
@hongtanke
Жыл бұрын
10 times
@ricardorien
Жыл бұрын
"That's why the industry standard is to wipe with 0, then fill with random data, then wipe to 0 again."... so in bash will be something like... function deletehdd { command shred -zn $2 $1 && shred -n $2 $1 && shred -zun $2 $1 } right?
@snafu5563
Жыл бұрын
@@AnotherAvaibleName nowadays? it's always just been a marketing ploy
default runescape character explains how to evade law enforcement
One note for SSDs, most have a firmware-level block selector to increase the lifespan of the drive, which means if you "overwrite" a file, you may not actually change the exact same bits the original file occupied. This also applies to certain types of filesystems, read shred's man page. That said, going nuclear by filling the entire drive (maybe even 8 times) should cover all contingencies. When your terminal gets messed up by binary files, type "reset" and press enter (even if you can't see the letters you type)
@RapiBurrito
Жыл бұрын
Was just about to mention this, I have opted for encrypting anything that goes into flash memory just in case, do SSDs even offer an option to access the memory without having to go through the remapping and other wear leveling systems?
@RenamedChannel
Жыл бұрын
> you may not actually change the exact same bits the original file occupied. It is not just "may", it basically never changes them. NAND blocks have to be erased first, so they are always written sequentially (even you write data randomly). There is a slight chance that overwriting can fill the super block and cause GC and then _maybe_ the block will be erased.
@RegrinderAlert
Жыл бұрын
That’s why Apple uses effacable storage (no wear-leveling) to store certain ephemeral encryption keys.
@100thschool
Жыл бұрын
@@RapiBurrito retard. one day you wont be able to decrypt your drive because decrypting writes data and if ssd runs out of write cycles. enjoy your brick
@RapiBurrito
Жыл бұрын
@@100thschool backups are a real mind bender to you aren't they? 😆
Where did you buy that gaming chair?
@illiiilli24601
Жыл бұрын
My best guess is it's second hand, possibly from an acquaintance
@kvazium
Жыл бұрын
From his grandfather, veteran hero
@smotheredbyPrincessPeach
Жыл бұрын
With creditcard cash xD
@bruuuuuuhhhhhhhhhhh
Жыл бұрын
@@smotheredbyPrincessPeach he calls it credit card rotation lol 😂
As much as I enjoy hearing your insights into life and society regardless of my agreement or otherwise with your outlooks, these practical videos of yours are my favorite.
Most of this advice applies to HDD's. DO NOT SCRUB SSD'S or inexpensive flash drives with tools that overwrite multiple times. I suppose shred is fine for limited use on specific files but other wipe tools overwrite multiple times which is not necessary on SSDs. SSDs use a type of Flash Memory that has a limited number of writes. You'll wear out the SSD if you wipe it frequently. The magnetic properties of HDD do not apply to Flash SSD chips. When using SSD's there's a TRIM feature in most operating systems that will zero out the sectors marked for deletion while at idle. Most SSD's also have firmware that will do the same. When sectors become worn as they approach their write limits they will be swapped with spare extra sectors (over-provisioning - enterprise SSDs have many more spare sectors) and depending on the firmware those removed sectors may or may not be zeroed. It is very important to encrypt SSD's to better protect data. If someone removes the SSD flash chips they could recover data. But not if it is encrypted from day one of it's life. You can simply format SSD's that were encrypted and the data will be completely unrecoverable. Cheap thumb drive's use pretty crappy flash chips compared to SSDs, you should always encrypt them if you ever put anything sensitive on them. You can buy hardware encrypted thumb drives and external drives that also encase the chips in epoxy which will likely break the chips if someone tries to remove the epoxy. But these are not the ultra cheap thumb drives that are everywhere in the market. You'll pay more but it's worth it for piece of mind. I am talking about the drives that have a numeric keypad on them or a fingerprint reader where they need to be unlocked before you can mount the disk. We use apricorn.com/ drives at work as they meet very strict standards. Again, not cheap but trustworthy. Yes, they do work on Linux, etc. you can format them with any disk format you like. Not suitable as boot disks.
@helmsdeep9tim
Жыл бұрын
Always go for key codes if you can. From a legal level, biometric data like your iris, face scan, or finger print are not your own and are not conidered unreasonable search or seizure. Us and EU Law enforcement is known to legally force defendants to offer their face or fingers to unlock machines. But in the US key codes are different, they're covered as speech, so the government is restrained from compelling a defendant to "testify" against themselves by giving a code. If the government can crack the code in evidence it's back to fair game.
@towardsthelight220
Жыл бұрын
Do you work for apricorn? 69 to 1000 dollars.
@meuko
10 ай бұрын
Sounds exactly like what a glowie would say. I'm gonna wipe my ssds x16 now.
Another reinforcement of the adage "physical access is total access"
I love this series Luke! Please keep going!
Where I'm from we don't call them friends we call them something else.
@meuko
Жыл бұрын
glowN
@notuxnobux
Жыл бұрын
glow ninjas
@travv88
Жыл бұрын
@@meuko glowI
@schizostar
Жыл бұрын
@@travv88 GlowG
@MrAnsatsuken
Жыл бұрын
Glowggers
Haha thought this was a Mental Outlaw vid from the thumbnail XD
@Cookiekeks
Жыл бұрын
It is, they're the same person as we all know
Reject storage, embrace ramdisk
@user-vk2cd9qw7i
Жыл бұрын
Unironically would consider this but my power regularly goes out in storms
The correct way would be to send device wipe command (usually named Sanitize). In a good device, the data stored in NAND is encrypted and Sanitize just destroys the key, leaving data inaccessible. Another reason to not rely on overwriting the SSD: it might enter read-only mode when running out of spare blocks. In read only mode all writes get rejected.
@Phasma6969
Жыл бұрын
Good point. We need GPL firmware for NAND controllers.
luke smith posting actual tech videos? impossible
@alonsoACR
Жыл бұрын
hey! i like his other videos!
If someone wants an analogy to help them understand this, imagine the data is a weight attached to a fishing line floating in a pool. When you delete the file you don't pull the weight out and destroy it. You just cut the line. Someone dedicated enough to recovering the data can go into the pool and pull out the weight if they go through every rock in the pool individually and examine it.
urandom takes in consideration the system entropy, it is a cryptographic secure random number generated, preferred to use compared to random, which takes a starting seed.
14:20 Luke channels Charles Manson's spirit
Even using shred or overwriting the specific file is not a guaranteed way to really overwrite those bits on the drive nowadays. Trap #1: SSDs and maybe even some flash drives even out the wear by writing to different physical location every time. If the drive was unencrypted (or the attacker has the key), the data may still be recoverable directly from nand even after overwriting. Trap #2: Modern filesystems do not guarantee the overwrite will work. Especially copy on write filesystems. (for example fedora uses btrfs by default) Those filesystems do similiar thing as SSDs. Mitigations: Always encrypt your drive. Use encrypted vaults for especially sensitive files you may want to delete later. This way after you delete your vault, attacker cannot recover the files if he doesn't have the key.
HDDs store data by electro magnetizing individual magnetic domains (also refferd as sectors) with either a north or a south magnetic polarity to represent either a binary of 0 or 1. To read it back, the head detects the magnetic polarities of the magnetic domains (sectors) which are physical (few nanometers) structures that are already present on the disk. The binary data is then sent to the CPU where it is translated into ASCII code using predefined algorithms and protocol. The best way to destroy data would be : Degaussing : Exposing the disk to a strong magnetic field, which will erase the magnetic polarities and destroy the data stored on the disk. You're welcome
Oh my god I didn't know dd took status=progress as an argument... I've been finding its pid and sending a USR1 signal using kill all these years like a chump :O
@carver3489
Жыл бұрын
status=progress is non-standard to GNU dd.
I sold a hard drive to a friend (spinning rust) and did a 35 pass alternating 0's and 1's followed by every 3rd pass being pseudo random data. I then stuck it in an high magnetic field for a few hours, followed by a complete low format. Old drives that work I do this before even storing them, and if I have to trash them I put them to a butane torch. Probably paranoia but as they say just because you are paranoid doesn't mean they are not out to get you. :)
@JustSomeAussie1
Жыл бұрын
You're definitely paranoid and just wasting time by going so overkill
@legalfictionnaturalfact3969
11 ай бұрын
Cp on there?
@someoneelse4811
11 ай бұрын
Who's out to get you? They gotta be important for that level of overkill.
/dev/random and urandom were different but they are now pm the same thing and we only have two for backward compatibility.
Rip Terry.
luke shredding his own disk for us
Great video. Thank you!
sneed
@moisessoto5061
Жыл бұрын
Nice
@bettercalldelta
11 ай бұрын
The sign is a subtle joke. The shop is called "Sneed's Feed & Seed", where "feed" and "seed" both end in the sound "-eed", thus rhyming with the name of the owner, Sneed. The sign says that the shop was "Formerly Chuck's", implying that the two words beginning with "F" and "S" would have ended with "-uck", rhyming with "Chuck". So, when Chuck owned the shop, it would have been called "Chuck's Feeduck and Seeduck".
Now I'll make sure to fill up the drive after deleting the homework folder.
Shred is great. At my last job we were charged with securely disposing of some old hard drives with a bunch of financial data on them. Ram a 4 pass shred zeroing the bits at the end and it worked like a dream. 1 TB drive took about 7 hours or so to finish.
@memesfromtheforsakenworlwi9218
Жыл бұрын
I bought a 1tb drive and it waz full of documents from a private school on it (employees info, finnances, student info, student reports and more). Luckily I ain't into blackmail
@TheBenSanders
Жыл бұрын
That is very lucky for them you got it and not someone malicious.
@RenamedChannel
Жыл бұрын
Big companies always shred SSDs before disposing of them. Physically shred. In a shredder.
@theretromillennial
Жыл бұрын
@@RenamedChannel Yeah, we weren’t that big. We just did this then took drills and hammers to the platters.
@unbekannter_Nutzer
Жыл бұрын
@@RenamedChannel How can you make such a far reaching statement ("always")? Did you work in every big company? In every department?
Hi Luke, do you have any videos on file recovery?
Interesting thing about the linux kernels /dev/random, it will wait until there is enough entropy. However /dev/urandom will reliably give you random data in almost every scenario just not as cryptographically secure. On most architecures they're basically the same thing as the kernel is able to initialize its entropy pool so early in boot, and so quickly it does not matter for 99% of use cases
Whaaaaaaaaat? Sending files to the bin will NOT make me a invisible untrackable Super-Hacker? 😱😱😱
step one. acquire metallurgy furnace. step two. use critical thinking to figure out the rest.
The text in your videos is has lots of weird colour fringing artifacts. Have you considered disabling subpixel font hinting in freetype while recording videos? I'm not sure if that would fix it but it looks like that's probably what is causing it.
Wouldn't it make more sense to use dd to write /dev/urandom straight to the drive itself, rather than a file, to actively destroy your data at the sector level?
I got paid 20$ when i was 17 to move file from an old laptop and then delete all data. I booted into a Linux live USB to run dd. Wrote the disk full of zeros and random couple of times.
This is the content i like to watch dude. bless u
Has Luke mention what laptop he decided to use moving forward after the laptop video
For at least a couple years now, there's literally no difference between /dev/random and /dev/urandom in Linux. The two names exist for compatibility. Old kernels used to use /dev/random in a blocking mode exclusively, where it'd halt outputting data until some arbitrary threshold in Linux's PRNG was reached. It wasn't any "more random" or "more secure", but it fooled people into thinking it was. So that behavior is gone now. Many of your "dd if=file of=outfile" commands could just be simplified as "cp file outfile"; this works also for "cp /dev/random random". It's also well worth noting that shred is useless on CoW file systems (btrfs and ZFS, for example) and likewise useless on some journalling modes of ext4.
New luke smith video 😁👍
nice gaming setup
I've had SSDs make the data unrecoverable the moment you delete it. They don't have nearly the memory HD have. Which is annoying as I've so far only need to recover data not destroy it.
sheeesh missing u already plez come back !!
haven't watched video yet, but can i wipe a phone using same technique?
Thank you so much. I learn so much from your videos.
shoutouts to ya boy terry davis. RIP king
Luke pulling the mental outlaw content strat to farm normies smart lol
@TheB00tyWarrior
Жыл бұрын
That's exactly why I clicked
Consider using hidden volume features of veracrypt. Plausible deniability needs to be known.
When I format a drive I always saturate it with dumb files before .
Why not just psychically destroy the drive? Like set in on fire?
Glowing friends
small brain: rm -rf directory/ big brain: sudo dd if:/dev/zero of:/path/to/partition galaxy brain: *Removes SSD, smashes with hammer*
@iwazhere7077
Жыл бұрын
set fire to leftover bits
@ghost-user559
Жыл бұрын
*DRINKS INDIVIDUAL PULVERIZED BITS* _BECOMES ONE WITH THE DATA, attains Free as in “Free beer” Freewill_
@ghost-user559
Жыл бұрын
@@user-uq8dy1uh2y Probably because a high enough powered magnet can cause collateral damage. Obviously you can just take the drive out of the case and use a weaker magnet. But ssd does not store data magnetically, so that only works effectively on magnetic HDD drives.
@ghost-user559
Жыл бұрын
@@user-uq8dy1uh2y Oh no. That’s what I settled on lol. Best opsec is to become *O N E* with the silicon by _Coom Sum Ing_ it. I can now have _random access memories_ and I require significantly less _R A M_ . But you are right, there has got to be a better way.
@corruptneedles3384
Жыл бұрын
@ghost-user559 Glowies would still manage to retrieve everything through autopsy and old urine, fecal matter
How the heck you move the cursor without touching the mouse 🤨🤨
Thank you Luke I shall now commit crimes
Careful, you can reduce life-span of SSD if you overwrite it!
@VictorRisgaard
Жыл бұрын
Yeah if you overwrite it everyday
@curbcobain
Жыл бұрын
plus you're not actually overwriting the file, because it gets mapped to different areas internally. need to overwrite the whole device :/
@kalmmonke5037
Жыл бұрын
sounds like the data can be transalated using the same software. unless original data is totally replaced somehow, where data is no longer usable
@ticktockbam
Жыл бұрын
This is not something you do every time after you delete a delicate file; this is something you do when you wanna delete any evidence of that file ever existing along with all the other data on that data drive, so you wouldn't be doing this every day, only in special occasions. Also, couldn't you just encrypt the whole thing and forget about having to delete data?
@debtminer4976
Жыл бұрын
If you didn't encrypt, and you have something on the drive requiring this, I doubt you're worried about the longevity of an $80 drive.
I didn't know shred. I only knew wipe and wipefs.
I thought he was going to talk about inodes
man , please tell me the chair that u using name ??
@BurgerKingHarkinian
19 күн бұрын
John Smith
You'll eff up your ssd with Shred tho...it will burn right thru them.
My problem is that people have direct access to my phone and I have no way of proving that. It seems to be the police yet total strangers, as Ive witnessed have been involved. At this point I just have to live with it and not be able to prove anything but it seems like there HAS to be someone else experiencing this shit.
@zorandusic7079
Жыл бұрын
What makes you think that someone has access to your phone?
@inparis5724
Жыл бұрын
Based schizo. The gangstalkers are after you. All your electronics are compromised.
@ThirdDimensionalBeing
Жыл бұрын
@Zoran Dušić dude it's a long, a long, arduous and nuanced story. I just can't explain in text. I just know that other people are experiencing this but it's very rare. All I can say is like it's a stasi wet dream.
@zorandusic7079
Жыл бұрын
@@ThirdDimensionalBeing God damn man, sounds tough. I hope they don't get you. Privacy doesn't exist in the 21. century.
@towardsthelight220
Жыл бұрын
@@ThirdDimensionalBeing you're paranoid. Nuance doesn't count.
Shred is good, but i still gonna take care my ssd life expectancy
To properly wipe a drive, you'll want to make at least three passes of random data so that even the most sophisticated hardware analysis and data recovery labs in the world can't recover what you deleted.
@phizlip
Жыл бұрын
Even better, take a hammer to it
Sadly, this is pretty lackluster and bad advice. There is nothing said aboud how SSD/NVMe/HDD handle data erasure (spoiler: they all do it different and only HDD's require overwiritng data) Currently the tech can recover the data form at least 17-20 overwrites from spinnig plate hdd's (hysteresis loop) What is TRIM SSD/NVMe does not write NAND's in linear fashion Filling the non-used space with /dev/rand does nothing, since the partition table will tell you exactly how big LUKS partition is
Nail gun it
TempleOS is chad only!!!
classic video
Is this Arch or Parabola ?
For anybody that has had to try and forsensically recover files bc you deleted something you didn't mean to you realize this is only partially true. When you delete a file your operating system unallocates the storage where that file was, and in some cases that means it is relatively easy to recover but in others it means that the file can be really badly corrupted and not fully recoverable at all, even if some data associated with that file is still lingering on your drive.
@memegazer
6 ай бұрын
Its not really true that "that space will never be overwritten until that space is needed" There are a lot of factors at play. When you delete a file in a typical fashion with an os, all you are doing is removing the os pointer to where that file was located on storage. But how that now freely available space is handled by the os can depend on a lot of factors. Size of file, frequency of use, physical location on the storage medium. These factors will play a role in how recoverable a file is after os deletion. I get your point is "to be safe wipe your storage" but on the recovery side it is important to note that, no, not necessarily the full intact file you deleted is still sitting around on your storage. I guess my point is if you have sensitive data, it is ok to back it up in case you accidently delete through user error. But your security protocol should be to have the back up stored to a drive with strong encryption and is relatively easy to render corrupted in an emergancy glowy situation.
can someone explain me if MentalOutlaw is actually a Luke Smith's deepfake? i see this channel 1st time
2:50 hard same
Not a word.
The real best way to delete files on your computer is to go the nuclear route. USB Killer
Actually you can also run `cat /bin/ls` to recover the terminal.
TempleOS doesn't use files cause that's bloat
kzread.info/dash/bejne/YouX1MmvmLLFndo.html What about Veracrypt?
Bleach
What are you talking about normies would just drag their files into the recycle bin and call it a day.
cat /dev/zero > file works too.
I write on my hdd like 10-100 gb of data every day, no way in hell anybody is going to recover anything 5 years later. It's gonna be written over 1000 times by then. Gamers ftw
@bryanrigby4429
6 ай бұрын
But dont you have to rewrite to full capacity the drive to have everything deleted?
@da_cat
6 ай бұрын
nope, i actually tried to recover an archive of about 300mb i deleted by mistake like 4 months ago from my 1T HDD and it doesn't exist anymore, and i never filled my HDD , i always have like 300-400 GB free because if it gets too full then my pc lags like crazy because low spec laptop garbage. I only managed to recover some files related to it and even those where so damaged and corrupted they couldn't be opened@@bryanrigby4429
thirtysix
🫠