Just to go further down the tech tangent... There are SSD drives with full-disk encryption, such as the Intel 520 series. Here's a paper "Reliably Erasing Data From Flash-Based Solid State Drives" from Usenix 2011 that analyzes disk sanitation on several SSD drives. Their conclusion was that built in encryption and sanitization functions were most effective, but were not always implemented correctly: http://static.usenix.org/events/fast11/tech/full_papers/Wei.pdf Regarding storage for disk-encryption keys, PCs with TPMs can seal keys such that they can only be unsealed if the machine is booted to a verifiable state. Then you can leave the sealed key on the disk, which is how Bitlocker works. Keep in mind that TPMs can be compromised by physical attacks. They aren't going to protect you from a moderately-funded forensics effort. But if you're getting information security advice from a Forbes blog, that will be the least of your worries. On Mon, Dec 17, 2012 at 1:42 PM, Michael Rogers <michael@briarproject.org>wrote:

I'm not aware of any suitable storage on current smartphones or personal computers, so we may need to ask device manufacturers to add (simple, inexpensive) hardware to their devices to support secure deletion.

-- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE