BU writes: Peter Trei writes:
You may be a lawyer, but I'm a cryptographic software engineer.
Cleansing disks and memory of keys and plaintext isn't done to prevent some hypothetical court from looking at evidence; there are good, legally unremarkable reasons to do so, which are regarded as good hygiene and 'best practice' in the industry.
Unfortunately, that conduct is going to be assessed by some old guy who was once a lawyer, and who I highly doubt was ever a cryptographic software engineer. (The latter actually has to think hard on a regular basis.)
[Lots of good stuff elided for brevity]
Destroying sensitive data is part of doing the job right, in a professional, 'best practice' manner.
Again, it's going to be an uphill battle to get a jury of people too stupid to get out of jury duty to believe that. You might think about a side job offering expert testimony services for this exact thing.
Judges have to take testimony on subjects they know little about all the time. Yes, I'd consider being an EW (but generally not for free). I'd have no problem showing that zeroisation is a standard practice - in fact, it's mandated by some government standards for protecting classified data.

Peter Trei