Consider the following:
mount | grep home
... type reiserfs ...
rm -Rf /home/user/over_9000_little_and_big_super_secret_files/
# oops, I should have shredded it instead.
How can I properly and securely "initialize free space" to ensure that no additional info can be restored restored by digging in free space? (Preferrably without stopping or disturbing the filesystem much.)
Is dd if=/dev/frandom of=/home/qqqqq really secure for this (tails, journal, etc.)?
If you want to be really sure, tar the whole filesystem to another drive, like this:
ssh host "tar --one-file-system -jcf - /" > system-root.tar.bz2
Then use shred to wipe the device, and untar the contents back. With shred you can specify the amount of wipes; I would run 0-2 writes with random data and then zero over it. Why just 1-3 writes and not 30? Because even with professional tools, recovery of single bit is some 80% certain after a single wipe. This means a chance to recover one whole byte of data is around 0.8^8 = 0.17 = 17%. And that's a single byte, hardly revealing many secrets.
You're going to have to wipe the entire free space if you really want to make sure it's gone.
Generally, using /dev/random (and variations) is not as secure as a full fledged wipe, because /dev/random may or may not use the disk contents to add entropy, and only does one pass, without security in its design.
Have a look at this question regarding secure deletion of data on hard drives over on security.stackexchange.com. It is a little wider in scope than your question, covering the entire drive, but a range of useful thoughts on the problem list Secure Erase as the recommended method.
For flash drives, there are specific problems which come up as well.
You might want to consider Secure Delete from THC. You might also want to consider encrypting the file system. There are some caveats to unencrypted file systems that have journaling capabilities.
