| |
 |
|
|
Science Forum Index » Cryptography Forum » Truly Secure File or Disk free space Shredding...
Page 1 of 1
|
| Author |
Message |
| Gil... |
 Posted: Thu Jul 17, 2008 5:20 pm |
|
|
|
Guest
|
I am getting more confused all of the time. I have read that it is not
true that most programs can truly delete with one pass only. I have
read that only the Gutmann algorithm is truly secure against Forensic
Hardware recovery techniques.
It is a VERY LONG process of over 35 writes.
What is the real truth here. It seems that incineration (obviously I
won't do that ) is the only truly secure method? |
|
|
| Back to top |
|
| Ertugrul Söylemez... |
| Posted: Thu Jul 17, 2008 8:35 pm |
|
|
|
Guest
|
Gil <w0mn00 at (no spam) gmail.com> wrote:
Quote: I am getting more confused all of the time. I have read that it is not
true that most programs can truly delete with one pass only. I have
read that only the Gutmann algorithm is truly secure against Forensic
Hardware recovery techniques.
It is a VERY LONG process of over 35 writes.
Mr. Gutmann's analysis is questionable to some extent. Experts say that
in practice two or three overwrites with arbitrary data (which doesn't
need to be random or alternating bit patterns) should suffice. Also
consider that there are no experimental proofs, which would show that
Mr. Gutmann's recovery method works at all.
Quote: What is the real truth here. It seems that incineration (obviously I
won't do that ) is the only truly secure method?
Yes. There can always be physical data trails in or near the hard disk,
which we haven't discovered yet; or maybe someone finds out that in
practice Mr. Gutmann's conjecture is much worse than he thought. Maybe
even a hundred overwrites is not enough.
So in my opinion, the best method is not to let any plaintext data into
the hard disk in the first place, i.e. use encryption. If you can't
(which is unlikely) and you want to make 100% sure, destruction is the
only method, if you can afford it. If "adequate security" is enough for
you, overwrite three or four times. That should be enough.
Greets,
Ertugrul.
--
nightmare = unsafePerformIO (getWrongWife >>= sex) |
|
|
| Back to top |
|
| Gil... |
| Posted: Fri Jul 18, 2008 6:13 am |
|
|
|
Guest
|
On Fri, 18 Jul 2008 03:35:08 +0200, Ertugrul Söylemez <es at (no spam) ertes.de>
wrote:
Quote: Gil <w0mn00 at (no spam) gmail.com> wrote:
I am getting more confused all of the time. I have read that it is not
true that most programs can truly delete with one pass only. I have
read that only the Gutmann algorithm is truly secure against Forensic
Hardware recovery techniques.
It is a VERY LONG process of over 35 writes.
Mr. Gutmann's analysis is questionable to some extent. Experts say that
in practice two or three overwrites with arbitrary data (which doesn't
need to be random or alternating bit patterns) should suffice. Also
consider that there are no experimental proofs, which would show that
Mr. Gutmann's recovery method works at all.
What is the real truth here. It seems that incineration (obviously I
won't do that ) is the only truly secure method?
Yes. There can always be physical data trails in or near the hard disk,
which we haven't discovered yet; or maybe someone finds out that in
practice Mr. Gutmann's conjecture is much worse than he thought. Maybe
even a hundred overwrites is not enough.
So in my opinion, the best method is not to let any plaintext data into
the hard disk in the first place, i.e. use encryption. If you can't
(which is unlikely) and you want to make 100% sure, destruction is the
only method, if you can afford it. If "adequate security" is enough for
you, overwrite three or four times. That should be enough.
Greets,
Ertugrul.
This is encouraging but unfortunately the program that operates the
best only does it once. I guess I could run it three time but that
loses the ease of use.
I like the design of ShredAgent. It is a device driver that
automatically overwrites as you do a delete if you set it to active
mode thereby converting Windows delete to a true delete, assuming they
are correct that the single overwrite for modern drives is secure.
I am not sure if the data written would be the same on a second run (
this is hard since it is already done and you have to run a delete
free space to do it which takes about 80 minutes on this drive) so I
don't know if it would increase security or not? |
|
|
| Back to top |
|
| Gordon Burditt... |
| Posted: Fri Jul 18, 2008 4:30 pm |
|
|
|
Guest
|
Quote: I am getting more confused all of the time. I have read that it is not
true that most programs can truly delete with one pass only. I have
read that only the Gutmann algorithm is truly secure against Forensic
Hardware recovery techniques.
It is a VERY LONG process of over 35 writes.
What is the real truth here. It seems that incineration (obviously I
won't do that ) is the only truly secure method?
I don't think incineration is necessarily secure. You still might
be able to get some of the data. You can, for example, recover
information written on paper which is then burned, sometimes just
by looking at the ashes if they stayed mostly in one piece.
Here are some better ideas:
- Launch it into the sun (possible risk if rocket lands back on Earth
instead of going where it should).
- Dump it into a blast furnace, where it will be totally melted.
- Blow it up with C4, or a small nuke, at a range of 6 inches. |
|
|
| Back to top |
|
| Simon Sibbez... |
| Posted: Fri Jul 18, 2008 4:46 pm |
|
|
|
Guest
|
Gordon Burditt wrote:
Quote: - Launch it into the sun (possible risk if rocket lands back on Earth
instead of going where it should).
- Dump it into a blast furnace, where it will be totally melted.
- Blow it up with C4, or a small nuke, at a range of 6 inches.
before this gets any better:
grinding the platters will do the job just fine.
-- Simon |
|
|
| Back to top |
|
| ... |
| Posted: Fri Jul 18, 2008 6:04 pm |
|
|
|
Guest
|
Gil wrote:
Quote: I am getting more confused all of the time. I have read that it is not
true that most programs can truly delete with one pass only. I have
read that only the Gutmann algorithm is truly secure against Forensic
Hardware recovery techniques.
It is a VERY LONG process of over 35 writes.
What is the real truth here. It seems that incineration (obviously I
won't do that ) is the only truly secure method?
Who is the attacker? Some thief who stole your laptop? You local
police? Those types of attacks don't need the amount of security
that, say, Osama Bin laden needs to defeat the best efforts of the
NSA. |
|
|
| Back to top |
|
| Ertugrul Söylemez... |
| Posted: Sat Jul 19, 2008 10:20 am |
|
|
|
Guest
|
Gil <w0mn00 at (no spam) gmail.com> wrote:
Quote: I like the design of ShredAgent. It is a device driver that
automatically overwrites as you do a delete if you set it to active
mode thereby converting Windows delete to a true delete, assuming they
are correct that the single overwrite for modern drives is secure. I
am not sure if the data written would be the same on a second run (
this is hard since it is already done and you have to run a delete
free space to do it which takes about 80 minutes on this drive) so I
don't know if it would increase security or not?
I'm sure that it would be easy to add consistent shredding capabilities
to existing filesystem drivers, which overwrite file fragments, when
moved or deleted, such that a file is destroyed with guarantee, when
deleted. It would be slow as hell, but a wonderful feature for some
people, although I would still prefer encryption.
Greets,
Ertugrul.
--
nightmare = unsafePerformIO (getWrongWife >>= sex) |
|
|
| Back to top |
|
| Gil... |
| Posted: Sun Jul 20, 2008 8:04 pm |
|
|
|
Guest
|
On Fri, 18 Jul 2008 23:04:55 +0000, me at (no spam) privacy.net wrote:
Quote:
Gil wrote:
I am getting more confused all of the time. I have read that it is not
true that most programs can truly delete with one pass only. I have
read that only the Gutmann algorithm is truly secure against Forensic
Hardware recovery techniques.
It is a VERY LONG process of over 35 writes.
What is the real truth here. It seems that incineration (obviously I
won't do that ) is the only truly secure method?
Who is the attacker? Some thief who stole your laptop? You local
police? Those types of attacks don't need the amount of security
that, say, Osama Bin laden needs to defeat the best efforts of the
NSA.
Actually, the biggest problem is knowing what files to delete if you
are not using system wide encryption and knowing that there is no
agency monitoring the radiation that escapes an active system.
There is a huge amount of data around in temporary caches that must be
destroyed. |
|
|
| Back to top |
|
| Gil... |
| Posted: Thu Jul 24, 2008 8:29 am |
|
|
|
Guest
|
On Sun, 20 Jul 2008 20:04:22 -0500, Gil <w0mn00 at (no spam) gmail.com> wrote:
Quote: On Fri, 18 Jul 2008 23:04:55 +0000, me at (no spam) privacy.net wrote:
Gil wrote:
I am getting more confused all of the time. I have read that it is not
true that most programs can truly delete with one pass only. I have
read that only the Gutmann algorithm is truly secure against Forensic
Hardware recovery techniques.
It is a VERY LONG process of over 35 writes.
What is the real truth here. It seems that incineration (obviously I
won't do that ) is the only truly secure method?
Who is the attacker? Some thief who stole your laptop? You local
police? Those types of attacks don't need the amount of security
that, say, Osama Bin laden needs to defeat the best efforts of the
NSA.
Actually, the biggest problem is knowing what files to delete if you
are not using system wide encryption and knowing that there is no
agency monitoring the radiation that escapes an active system.
There is a huge amount of data around in temporary caches that must be
destroyed.
There is some truth to that but even encryption is not going to stop a
key logger or a radiation detector that logs keystrokes.
The keystroke is clear text before encryption so maybe I need a
Faraday shield room, nahhh  |
|
|
| Back to top |
|
| |
|
Page 1 of 1
All times are GMT - 5 Hours
The time now is Mon Oct 13, 2008 12:42 am
|
|