Purpose of /dev/zero?

Question

I tried to cat /dev/zero, and it didn't seem to do anything. I googled /dev/zero, and it says it's basically a blank file with infinite size. Is cat printing an infinite number of non-existent characters? How does this work? How does it provide infinite data if it's 0 bytes? What are the uses of this file, if one can simply create a blank file?

Run cat -v /dev/zero to see what it is doing. See Clear unused space with zeros (ext3,ext4) for a common purpose. — manatwork, Jan 31 '13 at 13:09
There is also /dev/null which behaves like an empty file if you want to read it and as a black hole if you write to it. — jofel, Jan 31 '13 at 15:00
@jofel but you can't use /dev/null for infinite 0-bits, right? cat foo > /dev/null and cat foo > /dev/zero are the same, but cat /dev/null and cat /dev/zero aren't the same, correct? — tkbx, Jan 31 '13 at 15:19
@tkbx yes, correct. /dev/null returns immediately EOF if a program wants to read from it. /dev/zero returns infinitely 0-bytes. — jofel, Feb 01 '13 at 11:04

Konerak · Answer 1 · 2013-01-31T13:15:55.427

62

/dev/zero is a special file (in this case, a pseudo-device) that provides an endless stream of null characters (so hex 0x00)? That's why your cat is not outputting anything (but try running it through od (octal dump)).

'blank file with infinite size' is not 100% correct: it's not a regular file, but a special file (more like a 'stream' or a generator). You can read as much from it as you want, for example with dd (like dd if=/dev/zero of=yourfile count=1024 bs=1024).

It's not really a blank file, nor used to create blank files: it's used to create files or memory pages filled with only zeroes. You can also write to it, making it perform like a sinkhole (its more popular brother /dev/null is more commonly used for this though).

edited Jan 31 '13 at 13:15

answered Jan 31 '13 at 13:10

Konerak

1,451

1

Why would someone want to fill up blank space, though? – tkbx Jan 31 '13 at 13:16
7

For example, to erase what was there before. Or when transmitting. – Konerak Jan 31 '13 at 13:18
does srm use this? – tkbx Jan 31 '13 at 13:28
4

I've not read the srm manual or source, but most 'secure erasers' prefer to write (pseudo-)random data instead of zero-ing a drive, since one pass of zero-ing is not secure enough (certain three-letter agencies can still deduct the original contents of a zeroed harddisk, since the individual bits are not 100% truly 1 or 0, but just "mostly 1" or "mostly 0". Compare it to a lever which you can put "all the way left" or "all the way right", but usually just a swing to the other side is enough. – Konerak Jan 31 '13 at 13:32
Weird, in OS X's Disk Utility, it asks you how many times you'd like to zero a drive when you erase it, but srm's man page says it's random. – tkbx Jan 31 '13 at 13:38
13

@tkbx trying to dd a partition you may want to fill all empty space to 0 rather than random to get a smaller compressed file later. – neurino Jan 31 '13 at 14:06
1

@Konerak I'm fairly suspicious of that. I've heard it said all over the place and I've never once seen evidence of it being possible on any remotely new harddrive (made in the past 10 years at least). – Rob Jan 31 '13 at 16:34
also, if you have physical access to a machine and there is no bios password, you can easily scramble the hd by overwriting the MBR with dd. – Bartlomiej Lewandowski Jan 31 '13 at 19:14
@Bartl: only overwriting the MBR/FAT will still allow certain applications to recover files from the disk, just as only deleting the files (= marking the file as deleted). – Konerak Feb 01 '13 at 07:17
1

@Konerak, Re "certain three-letter agencies": to the contrary, in the 20+ years since Palimpsest file recovery was hypothesized, there's been no evidence that anyone can recover zeroed out data. It's a techo-superstition that does positive environmental harm, because it prevents hard disk re-use, (after paranoid users destroy their old disks with hammers and drills instead of zeroing them out). – agc Jun 04 '17 at 14:33
@agc interesting read, thanks! Maybe I should have said "certain three letter agencies might" instead of "can". In theory, the absense of proof does not prove something impossible... even with Wikileaks leaking enough trade secrets... but realistically speaking you're probably right. – Konerak Jun 04 '17 at 14:46
@Konerak, A supplemental thought experiment: if it were possible to recover data n levels of deletion deep, disk manufacturers could exploit that greater data density to multiply their data resolution by n times. Even if that proved commercially impractical, (let's say an n times palimpsest read/write head was too slow, or cost more than n times a conventional head), data recovery companies could afford such boutique techniques. If the techniques for palimpsest reads were too expensive even for recovery vendors, then... (cont) – agc Jun 04 '17 at 15:03
@Konerak (continued), even the TLAs would have to find budgets for it, (perhaps padded, assuming suitably covert accounting methods), so that the cost per MB would be prohibitively expensive for all but the highest priority evidence. Multiply that cost up one more level, (given the present hypothesis that the palimpsest method would be a state secret), and therefore require some kind of evidence laundering to be a applied to domestic investigations. At this level of cost, the profit level for faking evidence (or the lack of it) rises, especially if there's not much oversight. – agc Jun 04 '17 at 15:41

Purpose of /dev/zero?

1 Answers1

Linked