Re: PC disk wipe software
Responding to msg by bdavis@dg.thepoint.net (Brian Davis) on Tue, 10 Oct 10:47 AM
FYI the Justice Department requires degaussing a hard drive before it can be declared surplus ...
----- The Washington Post, Oct 9, 1995. E-Mail That Comes Back And Bites. Even Deleted Messages Can Be Recovered for Court [excerpts] Computer sleuth John Jessen dredges computer files for electronic embarrassments that their authors thought were long gone. "Deleted" e-mail messages can pile up like little time bombs until someone such as Jessen arrives, carrying a court order and a stack of blank memory cartridges. "Can you really delete e-mail? Sure," Jessen said. "Does it happen as a common practice? No." Jessen is the founder of Electronic Evidence Discovery Inc., a Seattle company that since 1987 has been going after computer evidence in civil lawsuits. The nation's 25 million to 40 million users of e-mail are growing more comfortable with the medium. And more attorneys are recognizing e-mail's potential as a source of unguarded information about the companies they're suing. "People are very candid talking around the coffee machine." attorney Michael Patrick of Palo Alto, Calif., said. "They seem to behave the same way on the computer system. "They think they're speaking confidentially, so they're off the cuff," he said. "They're very often insulting. What they don't realize is it's all being recorded, and often those recordings are stored for a very long time. When you send a message, you lose control over where it goes." Many workers think their e-mail is private. It's not. Federal law allows employers to monitor employees' e-mail, and even if they don't, e-mail is fair game in lawsuits. When someone sues a company, the rules of discovery demand that the company produce all relevant business records. "The fact that they live in a computer rather than a file cabinet doesn't make any difference to the court," said Joan Feldman at Computer Forensics, another Seattle firm that specializes in this work. Often files retrieved include e-mail thought to have been erased long ago. It survives because the diligent computer system manager makes backup tapes of everything on the system every night, then stores those tapes for years. And so the files persist and multiply, aided by technological advances that continually add more storage capacity, more automatic backups and more redundancies to safeguard data from accidental erasure. "The computer is like a file cabinet tbat can open its own drawer, put a file on the copy machine and then slip the copy into another cabinet," Jessen said. "Sometimes I think it's alive." Jessen and Feldman augment their high-tech detective work by advising companies how to become less vulnerable to computer snoops like themselves: They recommend regular purges of old data, and they offer tips for avoiding e-mail blunders in the first place. Rule No. 1: Don't put anything on e-mail that you wouldn't want a jury to see. -----
Often files retrieved include e-mail thought to have been erased long ago. It survives because the diligent computer system manager makes backup tapes of everything on the system every night, then stores those tapes for years.
Uh... they back up their *mail* spools? Yeah, right. ~james
Crypto relevance: None. Privacy relevance: High.
Often files retrieved include e-mail thought to have been erased long ago. It survives because the diligent computer system manager makes backup tapes of everything on the system every night, then stores those tapes for years.
Uh... they back up their *mail* spools? Yeah, right.
machine:/home/mark/.elm mark> grep mbox elmrc receivedmail = /home/mark/mail/mbox sentmail = /home/mark/mail/mbox.out People do record their incoming and outgoing email. Smart ones will store it offsite (auto farward to their home machine). Others will pgp them online. Mostly though the cleartext email files will be happily archived away each night to the nice friendly DAT tape down the corridor in the machine room. This is also a situation on PC and Mac POP clients. They can be configured to record your email as it goes in and out. Here we also backup the PC's each night to a DAT. Thats why it's important to self sanitize your files. Me, I just nuke any sensitive information that may arrive in my work mbox, or save/forward it to a safer place. I discourage people from using my work address as a regular personal contact point. Also ensure your admins aren't the nosy types. I started work at one place and noticed in the /.sh_history file that the previous admin was regularly grepping peoples mail spools for his name. This caused some concern to the management when they were informed. Obviously these forays were not part of his everyday job and were a personal endeavour. Cheers, Mark mark@lochard.com.au
People do record their incoming and outgoing email. Smart ones will store it offsite (auto farward to their home machine). Others will pgp them online. Mostly though the cleartext email files will be happily archived away each night to the nice friendly DAT tape down the corridor in the machine room.
I mistakenly interpreted the original posting as "outgoing only." Incoming mail must certainly be saved; however, backing up an outgoing mail spool on a busy machine is senseless. By "busy", I mean "that machine which serves as a mail server". Outboxes change the situation, but they are not universal.
Me, I just nuke any sensitive information that may arrive in my work mbox, or save/forward it to a safer place. I discourage people from using my work address as a regular personal contact point.
This brings up an interesting point, namely: where is your email secure? If the FBI or security agency of your choice decides to clamp a legal hold upon the machines upon which you work, they surely wouldn't be so foolish as to forget about your home machine over that frame-relay or ppp/slip link. In such a situation, telling people to use any mailbox at all is useless unless they encrypt with a relatively secure encryption package, z.B. pgp.
Also ensure your admins aren't the nosy types. I started work at one place and noticed in the /.sh_history file that the previous admin was regularly grepping peoples mail spools for his name. This caused some concern to the management when they were informed. Obviously these forays were not part of his everyday job and were a personal endeavour.
This is a problem, and almost certainly more of a problem than security agencies demanding your backup tapes. There's also no way around it; the only solution is encryption. ~james
Excuse me? Yes, most systems back up everything. I run an ISP. We back up -everything- (well not netnews), nightly.
Often files retrieved include e-mail thought to have been erased long ago. It survives because the diligent computer system manager makes backup tapes of everything on the system every night, then stores those tapes for years.
Uh... they back up their *mail* spools? Yeah, right.
~james
-- sameer Voice: 510-601-9777 Community ConneXion FAX: 510-601-9734 The Internet Privacy Provider Dialin: 510-658-6376 http://www.c2.org (or login as "guest") sameer@c2.org
Excuse me? Yes, most systems back up everything. I run an ISP. We back up -everything- (well not netnews), nightly.
Hmm. Any why *don't* you back up netnews? For more or less the same reasons it's not particularly useful to back up outgoing mail spools; to claim that "most systems do blah blah" is like saying that "most people like menudo." I, for one, don't. "{I/we} run an ISP" is a ubiquitous statement these days; everybody and his brother "runs an ISP." I know a drunken college dropout down the block with a limping sun 3/50 and two phone lines who prides himself on his ISP. What is not so common is common sense regarding privacy, ie there is not any real reason to back up an *outgoing* mail spool unless you want security_agency_of_ your_choice to come and root through your exabyte tapes next week. Now, as I mentioned in a followup, incoming mail is a different matter. At some point it loses its meaning, though: mail is mail, and it's all incoming somewhere. The only useful alternative is strong encryption of *all* messages, an alternative which solves both the nosy-sysadmin problem as well as styming the snooping legal beagles. ~james
participants (4)
-
Mark -
nobody@REPLAY.COM -
sameer -
Santiago de la Paz