How to shred already removed file on modern filesystem? (randomize free space, journal, tails, ... securely)

Solution 1:

You're going to have to wipe the entire free space if you really want to make sure it's gone.

Generally, using /dev/random (and variations) is not as secure as a full fledged wipe, because /dev/random may or may not use the disk contents to add entropy, and only does one pass, without security in its design.

Solution 2:

Have a look at this question regarding secure deletion of data on hard drives over on security.stackexchange.com. It is a little wider in scope than your question, covering the entire drive, but a range of useful thoughts on the problem list Secure Erase as the recommended method.

For flash drives, there are specific problems which come up as well.

Solution 3:

If you want to be really sure, tar the whole filesystem to another drive, like this:

ssh host "tar --one-file-system -jcf - /" > system-root.tar.bz2

Then use shred to wipe the device, and untar the contents back. With shred you can specify the amount of wipes; I would run 0-2 writes with random data and then zero over it. Why just 1-3 writes and not 30? Because even with professional tools, recovery of single bit is some 80% certain after a single wipe. This means a chance to recover one whole byte of data is around 0.8^8 = 0.17 = 17%. And that's a single byte, hardly revealing many secrets.