32
Emergency Data & Login Nuke Tool (Bugfish-Nuke) (lemmy.ml)
submitted 1 day ago* (last edited 1 day ago) by Bugfish@lemmy.bugfish.eu to c/privacy@lemmy.ml
10 comments fedilink hide all child comments

Hello there!

just updated a previous mentioned tool which has been in discussion here and wanted to share updates on the software status.

The software is in my opinion finished for now and tutorial videos are available, do not hesitate to ask for features if anything is missing.

Github URL: https://github.com/bugfishtm/bugfish-nuke
Documentation: https://bugfishtm.github.io/bugfish-nuke/

Features

  • Instantly erase user data, application traces, and sensitive files in a single click.
  • Secure deletion: Files are overwritten, not just moved to the recycle bin.
  • Clear clipboard contents
  • Flush DNS cache
  • Erase event logs
  • Delete most recently used (MRU) lists
  • Remove thumbnail caches
  • Empty the recycle bin (system default)
  • Set overwrite passes (1 or more) for each deletion:
    • 1 pass: Fast, effective for most cases
    • 3+ passes: Higher security, slower
    • Warning: 0 passes disables overwriting and is NOT recommended
  • Add your own scripts (e.g., batch files) to run alongside the deletion process
    • Example: Dismount VeraCrypt volumes automatically
  • Optional: Corrupt Windows login files after deletion to prevent further access
    • Use with caution: This will render Windows unbootable and require reinstallation
  • Play a custom or built-in music track during deletion
  • Music stops when deletion is complete-useful as an audible signal if you step away
  • Overview of selected actions before launch
  • Settings for post-deletion behavior: auto-close, force restart, etc.
  • Direct links to tutorials and help resources

Security Notes

  • Overwriting: Files are overwritten according to your settings, making recovery nearly impossible.
  • Recycle Bin: Emptied using Windows default; secure overwrite for the bin may be added in future versions.
  • Custom Scripts: Scripts run independently and can be used to automate additional emergency tasks.
  • File Deletion: Files are securely overwritten (unless you set passes to 0), making recovery extremely unlikely.
  • Music Player: It provides an audible signal when the deletion process is finished, useful if you need to leave your computer during an emergency wipe.
  • Use with Caution: Bugfish Nuke is designed for emergency situations. Use with care, especially the destructive system options.

Have a great one
Bugfish

top 10 comments
sorted by: hot top controversial new old
[-] Blemgo@lemmy.world 2 points 19 hours ago

Quick question about the overwrite passes: is it overwritten with random numbers or is there a sequence of passes?

[-] Bugfish@lemmy.bugfish.eu 1 points 16 hours ago

Greetings

The files are overwritten with random numbers (random bytes) for each pass. Specifically, for each overwrite pass, the method fills the file with cryptographically secure random data generated by RandomNumberGenerator.Create(). There is no sequence of different patterns (such as 0xFF, 0x00, then random) in my implementation-each pass is random data only.

If you are interested in different overwrite patterns let me know, then i may will implement a solution to choose methods. Overwrite passes count can be set inside the software after hitting the launch button in the confirmation process.

[-] cy_narrator@discuss.tchncs.de 2 points 1 day ago

Have you considered if secure deletion will work as expected when using SSDs or SD Card? I heard the only way to actually delete something is to fill it with gibbirish and format it

[-] Bugfish@lemmy.bugfish.eu 1 points 23 hours ago

Really good point. Data Deletion on SSDs and NVMEs are handled differently. (I dont really know about SD Cards but it may be similar)

NVMA/SSD Data Deletion follows 3 Steps

  • You delete / overwritte a file (overwrite does not really mean the old content is lost on the ssd, it may be in the NAND storage)
  • The TRIM Features starts periodically and markes the data / content you deleted as erased (this functionality can be triggered by software, i will implement this trigger)
  • The problem is the last step, Garbage Collection: This will erase the data finally, and then the probability is REALLY low someone will restore it. Before garbage collection is complete, there are ways to restore with advanced techniques or help of the manufacturer.

So best is to activate the TRIM Feature when Its implemented on the next update, but this feature will also be auto-executed by the windows system. - Best is to wait hours (its hard to know when garbage collection is finished) after the trim feature has been enabled to be sure garbage collection has deleted the content/files.

But for security measures it still can help to delete the data, even if the garbage collection is not finished. The risk for recover depends than on how many resources the opponent is ready to acquire to get to that data. It will make the recover process difficult without special forensics software etc.

Best and most secure way is to encrypt your data at all so none one can access even if they have the files.

[-] Blemgo@lemmy.world 2 points 19 hours ago

Is there a benefit from this over the inbuilt Secure Erase functionality in most SSDs/NVMEs? To my knowledge, it instantly dumps the current from all cells, emptying the data on it.

Furthermore, another issue with SSDs/NVMEs is that it automatically excludes bad blocks, meaning that classic read/write operations can't even reach those blocks anyways. Theoretically that feature could also be used against you to preserve the data on the disk by marking all blocks as bad, rendering them as inaccessible by the file system.

Of course there's also the issue of Secure Erase not being implemented properly in some drives, leading to the bad blocks not being touched by the hardware chip during that procedure.

[-] Bugfish@lemmy.bugfish.eu 1 points 16 hours ago

The benefit is to delete data and execute operations (as deleting logins) in emergency situations when time is a factor. The manufactures inbuilt secure erase function is definitely the better way to make your data unrecoverable, but can take more time and may not be suitable in emergency situations.

Its not planed to add something against bad block data in bugfish-nuke, my recommendation to be safe in that matter:

  • Use the manufactures secure delete software (maybe it will detect and delete the bad blocks, no guarantees)
  • Encrypt the whole SSD, so bad blocks wont be a problem because they contain encrypted snippets.
  • If you want to get rid of the ssd drive anyway, screw it open, remove the NAND chips, smash them with a hammer in little pieces and flush it down the toilette, no one will ever recover that :)
[-] DirigibleProtein@aussie.zone 9 points 1 day ago

Just encrypt the entire disk. In an emergency, turn the power off.

[-] Nicro@discuss.tchncs.de 2 points 1 day ago

And have a script to secure erase the key material. Much faster and will prevent forced/coerced unlocks.

[-] Bugfish@lemmy.bugfish.eu 1 points 22 hours ago

This will be added as a functionality in the next release, thanks for the hint.

[-] Bugfish@lemmy.bugfish.eu 3 points 1 day ago

Yes this would be more secure and recommended

this post was submitted on 13 May 2025
32 points (100.0% liked)

Privacy

37807 readers
780 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
k_o_t@lemmy.ml
tmpod@lemmy.pt
Yayannick@lemmy.ml
ranok@sopuli.xyz