TorBrowser: add secure wiping to 'Clear Recent History' (ideally automatic, on shutdown)
High all,
I'm not sure if this is needed considering TorBrowser tries hard to not write to disk. That said, adding (transparent - background) automated single pass secure wiping for Clear Recent History, upon Aurora shutdown, shouldn't add much overhead [1] and may increase security(?).
It's a myth that one needs to use multiple passes for secure wiping of data, e.g., Gutmann method. Those multiple wiping algorithms weren't designed for today's filesystems, thus, one random pass is sufficient to defeat (most ... all?) forensic tools* [2][3].
There is a neat Firefox Add-on I use with Tor Browser, called "Secure Sanitize" [4]. However, it has limitations in terms of automation. Maybe some code from Secure Sanitize could be used in Tor Browser Button?
- assuming the data was not swapped to paging file, etc.
[1] My computer is an Intel Pentium 4 - 2.80E GHz processor (2800.0 MHz) - with 512 MBytes RAM, running Windows XP SP3. And with ~80-90% of RAM being used by Tor Browser and other system apps (like Firefox streaming music from Pandora), using "Random Data (fast)" wiping algorithm (via the add-on Secure Sanitize) for Clear Recent History (clearing everything), takes only a few seconds.
[2] "Shred files and wipe disks" http://bleachbit.sourceforge.net/documentation/shred-files-wipe-disk
[3] I can provide additional references, incl. from academia, with respect to the issue of one (sound) pass vs multiple passes whilst wiping ('shredding') data.
[4] https://addons.mozilla.org/en-US/firefox/addon/secure-sanitizer/?src=api