Always encrypt the data at rest, and delete by deleting the key is likely how th... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		smcameron on Aug 14, 2020 \| parent \| context \| favorite \| on: Instagram kept deleted photos and messages on its ... Always encrypt the data at rest, and delete by deleting the key is likely how this would be done. This way you can also delete e.g. tape backups without actually loading the tape and re-writing the whole thing with certain portions deleted, which is not really practical.

jermier on Aug 14, 2020 | [–]

Yes, and you could also queue files for deletion at a later stage by throwing away the encryption key for a large batch of files which have been queued for deletion.

jacquesm on Aug 14, 2020 | [–]

Yes, this is the best way to do it.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact