[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: storage privacy (was: Nice quiet, private, anonymous life??)



On Dec 5, 2007 4:05 PM,  <mark485anderson@xxxxxx> wrote:
> ... Have you actually tested using a magnetic field for this ...

despite the rudeness of some of this thread, it really is difficult to
properly clear / purge data from a modern hard disk using a magnetic
field.  we do this at work, and the device is a large box with loud
fans.  you must wear heat resistant glove(s) to hold the hard drive
over the unit for 60+ seconds.  it gets quite hot (see inductive
smelting, etc).

arranging such a unit inside a case would be difficult, dangerous, and
probably not as effective as you think.

see http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html

this is why full disk encryption is preferable.  it is much quicker
and safer to securely purge or destroy the disk keys (small) than the
whole disk itself (large, time consuming).

there are many ways to configure authentication/authorization for
encrypted disk access, including multi-factor passphrase, token, even
biometric.  maybe you leave the keys on disk for headless boot and
only want the ability to securely wipe them if needed.

last note, the loop-aes module support key scrubbing in memory, so
that even ram cannot be inspected for usable disk encryption keys that
could remain after power down. (some other volume encryption methods
may also support this, however, loop-aes is the only one i've used
that does so.)

best regards,