Markus,
This is a feature that is requested from time to time. I've not tried to tackle the problem for a few reasons:
1) I don't think the default behavior should be to erase the input file (as some users will definitely lose their data accidentally)
2) If it is not the default behavior, then we need a new command-line switch on Linux and a new switch on the GUIs
3) If it is the default, we need a switch to prevent automatic erasure
4) Securely erasing files can be misleading since sometimes it cannot be done. I've been told, for example, that some SSD controllers will not actually write over the same physical location when writing over a file, thus one just fills some space with zeros (or whatever) and the original file is still present, too.
5) There are existing tools on Linux that securely erase files, including shred, scrub, etc.
So, while not opposed to the idea, you can see why it's not yet moved to the top of my priority list :-)
However, if you are interested to tackle the problem, you are welcome to do so. We can integrate the code changes. I really would prefer that this not be the default behavior, as I prefer to not change the default behavior from one release to another without a really good reason.
Perhaps the Linux code might be best to start with. Perhaps if the user adds -r to the command line, that means to "securely erase and remove" the original input file after successful encryption or decryption.
We could then port that into the Windows command-line code. (To be honest, I created the Windows command-line code in the most lazy way possible: replacing Linux API calls with Windows API calls. I really need to merge the two so that a single command-line utility compiles on both platforms. But, that has to be done carefully and fully tested... which is why I've not yet merged the code.)
Paul
-----Original Message-----
From: aescrypt-bounces@lists.packetizer.com [mailto:aescrypt-bounces@lists.packetizer.com] On Behalf Of Markus Michael Rau
Sent: Wednesday, May 29, 2013 8:15 AM
To: aescrypt@lists.packetizer.com
Subject: [aescrypt] Wish-list item 6, securely erase old file
Hi,
First of all, I'm Markus and I'm a graduate student at the LMU Munich. My topic is weak lensing and data analysis, so have mercy on me.
I like your tool pretty much and want to ask if I can contribute to the software.
I'm personally interested in a way to delete the old source files. What do I have to do? Just overwrite the old file with random numbers? How often do I have to overwrite? Does it depend on whether I overwrite onto a USB stick or a hard drive?
Does anybody have information about that or knowledge of computer forensics?
Take care,
Markus