Secure erasing Info (fwd from richard at SCL.UTAH.EDU)
sunder
sunder at sunder.net
Tue May 3 10:10:07 PDT 2005
Jason Holt wrote:
>There are lots of pitfalls in secure erasure, even without considering
>physical media attacks. Your filesystem may not overwrite data on the same
>blocks used to write the data originally, for instance. Plaintext may be left
>in the journal and elsewhere. Even filling up the disk may not do it, as some
>filesystems keep blocks in reserve. I did a demo a few years ago where I
>wrote plaintext, overwrote, then dumped the filesystem blocks out and found
>parts of the plaintext.
>
>For anybody who hasn't read it, the Gutmann paper is "Secure Deletion of Data
>from Magnetic and Solid-State Memory", and is highly recommended. He shows
>that even RAM isn't safe against physical media attacks.
>
>
Incase anyone's too lazy to google it, Peter Gutmann's paper can be
found here:
http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html
Good point. So, modify that with - create a block-level encrypted file
system on the flash drive, so long as you key and passphrase are good,
you should be safe enough... I've also seen this little toy:
http://www.biostik.com/ a bit pricey, but depending on your threat
model, might add another layer of protection. Not something I'd
personally bother with - esp with the recent stuff about how to make
fake fingerprints, etc (funny thing is that your fingerprints will be on
the case of this thing, so not much security there), but YMMV based on
your threat model, right? But, as always, encrypt early and often. :-D
Would make an interesting side conversation about how fingerprints are
passwords, but passwords that can (now?) be easily stolen and replayed.
IMHO, it casts doubt on a lot of biometric methods. Wonder if it would
be possible to create an image of an iris that would pass an iris scan,
if so, both fingerprints and irises become much like permanent credit
cards, but worse, which once duplicated, cannot be revoked. One can
imagine in the future once ATM's have iris scanners, that some evil
group will set up a fake ATM with a very good CCD camera setup to
capture irises as well as ATM cards and pin #'s... and, why not, also
finger prints if future ATM's use such scanners.
More information about the cypherpunks-legacy
mailing list