I’m developing some software for data encryption in C. Here, I just want to ask whether there are any possibilities to make use of some techniques for anti data deletion “without relying much on specific OS API”? If your answer is that it is possible, I would be happy if you can to tell how and give me a lot of explanation. Otherwise, if it is impossible, you can give me the answer “It is impossible” without much explanation.
The reason why I do to ask is that, I anticipate if someday the attacker had already physical access to the machine, the anti-deletion by using dependent OS API will not work (for example, by using a very fast booting OS like Backtrack 5).
Sorry, it an attacker can boot a different operating system there’s nothing you can do, because any anti-deletion code you may have written won’t be running.
This unless you manage to intercept and patch somehow the calls to the ATA/SCSI controller and insert this patch before the BIOS gives control to the OS, but I don’t think that’s even possible; on the other hand, physical access = root access, the attacker could as well grab a screwdriver, open the case, connect the disk to another computer and do whatever he wants with it.