Lethe
A tiny data wiping library and tool.
Lethe is a tiny and very simple library/tool for data wiping. In Greek mythology, Lethe is one of the five rivers of
the underworld of Hades. According to the myth, anyone who touches, drinks or even takes a single drop from this river will experience
forgetfulness. You can use this data wiping tool on Linux, FreeBSD, NetBSD, MINIX, OpenBSD, Solaris
and Windows.
This is my implementation of a suggestion about destroying information given by the world-renowned cryptographer and information security specialist Bruce Schneier in his book "Applied Cryptography":
"Most commercial programs that claim to implement the DoD standard overwrite three times: first with all ones, then with all zeros and finally with a repeating one-zero pattern. Given my general level of paranoia, I recommend overwriting a deleted file seven times: the first time with all ones, the second time with all zeros, and five times with a cryptographically secure pseudo-random sequence. Recent developments at the National Institute of Standards and Technology with electron-tunneling microscopes suggest even that might not be enough. Honestly, if your data is sufficiently valuable, assume that it is impossible to erase data completely off magnetic media. Burn or shred the media; it's cheaper to buy media new than lose your secrets."
-- Bruce Schneier ["Applied Cryptography" 228-229 pp.]
This book was written in the 90s. The DoD additionally states that:
"The number of times an overwrite must be accomplished depends on the storage media, sometimes on its sensitivity, and sometimes on different DoD component requirements."
-- National Computer Security Center ["A Guide to Understanding Data Remanence in Automated Information Systems"]
Here, the number of overwrite passes is configured by the user. Anyway, I think that the burn-and-shred advice given by Mr. Schneier should not be discarded.
WARNING: This general DoD information destruction method does not work with flash-based filesystems. It probably will
not work with your smartphone. Do not use this tool for that! Maybe in the future I will extend this code to give some kind of
support for flash storage too, but for now I won't.
To ensure that the data destruction implemented here is working on your system, the tests use the well-known forensic tool
Foremost (if you are on Linux and have it installed). There are ports of Foremost for
Unix-likes other than Linux; if you have one of them installed, it will be used. If you do not have Foremost installed
and are still on some Unix-like, the test binary will try to pull a MacGyver with cat + strings + grep for all the necessary
recovery work.
I strongly suggest that you build the software on your machine and run all tests before installing the tool or using it as a library in your own code. Be sure that it is actually working instead of just believing that it is.
Finally, I am not responsible for any misuse of information or code here. I am also not responsible for any possible damage, data destruction or loss (partial or total) done by this software. Who knows your babysitter! Use it at your own risk!
Okay, tell me the simplest way of cloning this repo, please...
Well,
you@Hades:~/src# git clone https://github.com/rafael-santiago/lethe --recursive
you@Hades:~/src# _
All done.
How can I build it?
Lethe's build is based on another tool of mine called Hefesto. After following all the steps to make Hefesto work on your system, if you want to build the library:
you@Hades:~/src# cd lethe/src
you@Hades:~/src/lethe/src# hefesto --forge-type=lib
you@Hades:~/src/lethe/src# _
If the build succeeds the ar file will be at ../lib/liblethe.a.
Now, supposing you want the tool:
you@Hades:~/src# cd lethe/src
you@Hades:~/src/lethe/src# hefesto --forge-type=tool
you@Hades:~/src/lethe/src# _
If the build succeeds the binary will be at ../bin/lethe.
On Unix-likes, when running the build for the first time, it will try to detect the device path where your / is stored.
This device path will be saved to src/DEV_PATH. It is very important for ensuring that the data wiping done
by Lethe is really working on your system. If you have cloned this repository to a place that is not stored on the
detected device, you need to change the content of src/DEV_PATH to the correct device path where your repository copy is
stored.
Your device will not be written to. It will only be scanned in an attempt to find test data during the lethe_drop tests. Since your device
is read on-line (it will not be unmounted), try to minimize disk activity on your system when building Lethe. Otherwise
your disk activity can screw up all the tests.
Depending on the size of your storage device the tests can take some time: go walk your dog (good luck if you have a cat instead), take a stroll,
etc. Come back later! If you are in a rush, add the option --quick-tests to the build command. Anyway, I strongly suggest that you
test whether the data wiping is actually working in your environment before installing and using Lethe.
Is there some way of installing the tool on my system?
Yes, there is.
After running the tool's build, all you should do is:
you@Hades:~/src/lethe/src# hefesto --install
you@Hades:~/src/lethe/src# _
If you want to uninstall it:
you@Hades:~/src/lethe/src# hefesto --uninstall
you@Hades:~/src/lethe/src# _
On Windows the install script will try to export lethe's binary path. With it you will be able to call lethe
from anywhere within your system. However, you should run the install command with administrator privileges.
How can I use Lethe as a command line tool?
Lethe is a very simple tool. It works based on commands and command options. The general form when using lethe from your
command line is: lethe <command> [options].
So far lethe has the commands listed in Table 1.
Table 1: Current commands supported.
|Command | Utility |
|:-----------:|:------------------------------------:|
| drop | Removes files and directories |
| help | Offers quick help guide for commands |
| man | Manual reader |
| version | Displays the tool version |
The command drop
It removes files. Its synopsis is: lethe drop <file name and/or glob patterns> [options].
Supposing you want to remove the file thanks-for-nothing.txt and all files containing crimson-ballroom in their names:
you@Hades:~/tmp# lethe drop thanks-for-nothing.txt *crimson-ballroom*
you@Hades:~/tmp# _
By default Lethe will ask you whether you really want to delete each file it finds. If you prefer to skip all confirmations,
use the --ask-me-nothing boolean option.
you@Hades:~/tmp# lethe drop *make-it-alright* televison-addict* \
> --ask-me-nothing
you@Hades:~/tmp# _
The removal process basically consists of repeated overwrite and rename passes. By default you have five overwrite passes
and ten renaming passes. In order to change those default values use the options --overwrite-passes=<n> and/or --rename-passes=<n>.
The number of passes must be at least one. Let's use 200 renaming and 1000 overwrite passes.
you@Hades:~/tmp# lethe drop * --ask-me-nothing \
> --overwrite-passes=1000 --rename-passes=200
you@Hades:~/tmp# _
Warning: The sample command above can be dangerous depending on where you test it. Lethe always recursively
removes any directory it finds, meaning that the directory will be emptied by using an implicit "*" glob pattern. Be careful when using this
tool.
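The overwrite-and-rename sequence described above, as an added C sketch that is not Lethe's own code: an all-ones pass, an all-zeros pass and a number of random passes (the scheme from the Schneier quote), then one rename and the unlink. The names overwrite_pass and wipe_file, the use of /dev/urandom and the PID-based temporary name are assumptions of this example.

```c
/* Added sketch, not Lethe's implementation: overwrite passes, one rename, unlink. */
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* One pass over the whole file: a fixed fill byte, or kernel CSPRNG bytes when use_random != 0. */
int overwrite_pass(int fd, off_t size, int use_random, unsigned char fill) {
    unsigned char buf[4096];
    int rnd = use_random ? open("/dev/urandom", O_RDONLY) : -1;
    int rc = ((use_random && rnd < 0) || lseek(fd, 0, SEEK_SET) != 0) ? -1 : 0;
    for (off_t done = 0; rc == 0 && done < size; ) {
        size_t n = (size - done) < (off_t)sizeof(buf) ? (size_t)(size - done) : sizeof(buf);
        if (!use_random) memset(buf, fill, n);
        else if (read(rnd, buf, n) != (ssize_t)n) rc = -1;
        if (rc == 0 && write(fd, buf, n) != (ssize_t)n) rc = -1;
        done += (off_t)n;
    }
    if (rnd >= 0) close(rnd);
    /* fsync pushes this pass to the device before the next pass starts. */
    return rc == 0 ? fsync(fd) : -1;
}

/* All ones, all zeros, then random_passes random passes; finally rename and unlink. */
int wipe_file(const char *path, int random_passes) {
    struct stat st;
    char anon[4096];
    const char *slash = strrchr(path, '/');
    int dirlen = slash ? (int)(slash - path) + 1 : 0;
    int fd = open(path, O_WRONLY);  /* no O_TRUNC: the existing blocks are rewritten in place */
    if (fd < 0) return -1;
    int rc = fstat(fd, &st);
    if (rc == 0) rc = overwrite_pass(fd, st.st_size, 0, 0xFF);
    if (rc == 0) rc = overwrite_pass(fd, st.st_size, 0, 0x00);
    for (int p = 0; rc == 0 && p < random_passes; p++)
        rc = overwrite_pass(fd, st.st_size, 1, 0);
    close(fd);
    if (rc != 0) return -1;
    /* Single rename pass in the same directory; refuse to clobber an existing entry. */
    int n = snprintf(anon, sizeof(anon), "%.*s%08lx", dirlen, path, (unsigned long)getpid());
    if (n < 0 || (size_t)n >= sizeof(anon) || access(anon, F_OK) == 0) return -1;
    if (rename(path, anon) != 0) return -1;
    return unlink(anon);
}

int main(int argc, char **argv) {
    return (argc == 2 && wipe_file(argv[1], 5) == 0) ? 0 : 1;
}
```

The fsync after every pass matters: without it, several passes can be merged in the page cache and only the last one reaches the disk.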
The renaming and overwriting passes use random data. By default this data is provided by Lethe's internal randomizer. If you prefer
to provide your own randomizer, use the option --dyn-randomizer=<lib-path>:<function-name>.
Suppose you have a local dynamic library called my-awesome-csprng.so. This library exports the function mac,
and it is "your awesome csprng":
you@Hades:~/tmp# lethe drop [AB]-REPORTS-*-1995.DAT \
> --dyn-randomizer=my-awesome-csprng.so:mac --ask-me-nothing
you@Hades:~/tmp# _
The prototype for a Lethe randomizer implementation is:
unsigned char randomizer(void);
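A randomizer with that prototype could look like the following added example (not code from the Lethe repository). The export name mac follows the sample command above; the 4096-byte pool and the use of /dev/urandom are assumptions of this example.

```c
/* Added example: a byte source matching Lethe's randomizer prototype.
 * Build as a shared library, for instance:
 *   cc -shared -fPIC -o my-awesome-csprng.so my-awesome-csprng.c
 * The pool size and /dev/urandom as the source are assumptions. */
#include <stdio.h>
#include <stdlib.h>

#define POOL_SIZE 4096

static unsigned char g_pool[POOL_SIZE];
static size_t g_pool_pos = POOL_SIZE;   /* forces a refill on the first call */

/* Refill the pool from the kernel CSPRNG. On failure the process aborts:
 * returning predictable bytes to a wiping tool would be worse than stopping. */
static void refill_pool(void) {
    FILE *fp = fopen("/dev/urandom", "rb");
    if (fp == NULL || fread(g_pool, 1, POOL_SIZE, fp) != POOL_SIZE) {
        fputs("randomizer: cannot read /dev/urandom\n", stderr);
        abort();
    }
    fclose(fp);
    g_pool_pos = 0;
}

/* Exported symbol: one random byte per call, as the prototype requires.
 * The pool avoids one system call per byte, since the caller asks for
 * every overwrite and rename byte individually. */
unsigned char mac(void) {
    if (g_pool_pos >= POOL_SIZE) {
        refill_pool();
    }
    return g_pool[g_pool_pos++];
}
```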
If during a drop process you regret your removal choices, hit CTRL + c as soon as possible. It will prevent
more files from being removed by aborting the application. You can also interrupt lethe by sending a SIGINT or SIGTERM to its
process.
The command man
It shows the content of this manual on your terminal screen by using your environment's pager:
you@Hades:~/tmp# lethe man
