We should ensure our recommendations regarding secure deletion make sense for USB/SSD deletion, and that we help journalists mitigate risks with files that could be recovered by an adversary who gains access to a drive and passphrase.
This is especially true for the export device, which holds files in decrypted form (the drive itself is meant to be encrypted; our docs recommend VeraCrypt for this device, as it may be opened on non-Linux machines).
For example, we could recommend a regular drive-level overwrite operation for folks who routinely re-use a single export device -- but we'd need to ensure that such a recommendation actually meaningfully mitigates risk.
Tails 6 removed support for "secure wipe" functionality, since the reliability of such wipe operations on a per-file basis cannot be guaranteed on USB/SSD devices.
558 updated the docs accordingly and no longer recommends "securely" wiping individual files
Describe the change
We should ensure our recommendations regarding secure deletion make sense for USB/SSD deletion, and that we help journalists mitigate risks with files that could be recovered by an adversary who gains access to a drive and passphrase.
This is especially true for the export device, which holds files in decrypted form (the drive itself is meant to be encrypted; our docs recommend VeraCrypt for this device, as it may be opened on non-Linux machines).
For example, we could recommend a regular drive-level overwrite operation for folks who routinely re-use a single export device -- but we'd need to ensure that such a recommendation actually meaningfully mitigates risk.
How will this impact SecureDrop users?
Additional context
558 updated the docs accordingly and no longer recommends "securely" wiping individual files