Advice Needed for Designing a Secure Data Wiping Application

Asked By TechExplorer2023 On

Hey everyone! We're a group of six students working on a project to create a secure and user-friendly data wiping application that will run on multiple platforms (Windows, Linux, Android). Our tool is aimed at securely erasing drives and generating tamper-proof wipe certificates, featuring a simple GUI suited for non-tech-savvy users.

Our team is divided into roles: three focus on front-end development (UI/UX), two are working on the low-level C engine for disk access and overwriting, while one is in charge of backend/devops. I also have the responsibility for crypto and verification, including handling digital signatures and wipe certificates.

We're currently puzzled about the architecture of our application and how all the components should work together. Here are a few specific questions we need help with:
1. Should the C wiping engine operate as a background service (daemon) that the GUI interacts with, or is it simpler to bundle everything into one app?
2. For a cross-platform solution, would a native GUI for each OS be better, or should we opt for a single web-based GUI using frameworks like Electron?
3. How do we package the C engine and GUI into a bootable USB or ISO for offline use? What's the usual approach for that?
4. For generating certificates after wipes, should this process be part of the main app or done through a different module that processes logs?

As we're still learning, we don't need top-tier solutions—just a clear architecture blueprint that lays out how the GUI, C engine, and crypto components fit together would be awesome. Thanks in advance for any advice, best practices, or even simple diagrams!

1 Answer

Answered By CleverCoder01 On

I think running the C engine as a service all the time isn’t necessary. It might be simpler to have it launch just when the GUI needs it. About the bootable USB, I get that you want offline access. Think about how many people want to wipe everything off their drives before they sell or recycle their computers. Using a bootable tool would allow complete access to the drive without any OS interference, ensuring all sensitive info is truly wiped, including hidden areas. What types of adversaries are you preparing for?

DataNinja99 -

To clarify about the daemon/service—yeah, we're thinking of just having the engine start when the GUI prompts it. It makes the process simpler, especially for a prototype. Regarding the offline mode—it's crucial for thorough wipes, as it needs to erase every bit on the drive, including the OS. You can't risk leaving any data recoverable.
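
An added illustration for question 4 above (not part of the thread and not the posters' code): a separate certificate module that reads the engine's log, hash-chains it, and authenticates the resulting certificate. The log fields, serial number and key are constructed, and stdlib HMAC-SHA256 stands in for the digital signature the question mentions; a real design would use an asymmetric signature so verifiers never hold the signing key.

```python
import hashlib, hmac, json

# Constructed sample: one JSON record per pass, as a hypothetical engine might log it.
ENGINE_LOG = [
    {"pass": 1, "pattern": "0x00", "bytes_written": 512000, "verify_errors": 0},
    {"pass": 2, "pattern": "random", "bytes_written": 512000, "verify_errors": 0},
]
DEMO_KEY = b"constructed-demo-key"  # placeholder; never hard-code a real key

def canonical(obj):
    """Serialize deterministically so signer and verifier hash identical bytes."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()

def chain_digest(records):
    """Hash-chain the records: editing, dropping or reordering any changes the result."""
    digest = b"\x00" * 32
    for rec in records:
        digest = hashlib.sha256(digest + canonical(rec)).digest()
    return digest.hex()

def issue_certificate(records, device_serial, key):
    """Build a certificate from the engine log and authenticate it."""
    if not records or any(r["verify_errors"] for r in records):
        raise ValueError("refusing to certify an empty or failed wipe log")
    body = {
        "device_serial": device_serial,
        "passes": len(records),
        "log_digest": chain_digest(records),
    }
    tag = hmac.new(key, canonical(body), hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}

def verify_certificate(cert, records, key):
    """True only if the tag is valid and the log matches the certified digest."""
    expected = hmac.new(key, canonical(cert["body"]), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, cert["tag"]):
        return False
    return hmac.compare_digest(cert["body"]["log_digest"], chain_digest(records))

if __name__ == "__main__":
    cert = issue_certificate(ENGINE_LOG, "SAMPLE-SERIAL-0001", DEMO_KEY)
    print(json.dumps(cert, indent=2))
    print("valid:", verify_certificate(cert, ENGINE_LOG, DEMO_KEY))
```

Keeping this step outside the engine means the C code only has to write log records, and the certificate can be re-checked later against the archived log.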
