[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: storage privacy
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Eugen Leitl wrote:
> On Tue, Dec 04, 2007 at 01:35:49PM -0700, mark485anderson@xxxxxx wrote:
(snip)
>> Most data overwrite programs take too long-you do not have that time
>> when they are knocking down your door.
>
> You have to power down the servers before confiscating them.
> You can use a smartcard along with a PIN for a login, or at
> least purge the passphrase after N failed login attempts.
>
> Don't assume Mallory is omniscient and omnipotent. Knuckledragger
> forensics won't even find anything out of ordinary.
>
IIRC, if you have a TrueCrypt volume and you want to permanently disable
access to it (instead of relying on its plausible deniability
mechanisms) - in a hurry - there are two possible ways:
1.) Securely overwrite the first 1024KB of the volume; IIRC, this
contains the actual, fixed volume keys, encrypted with the credentials
you've chosen to use. Without this, even the proper credentials will
fail to open the drive.
2.) TrueCrypt offers the use of keyfiles as credentials, in addition to
(or even in lieu of) a passphrase; these can be kept exclusively on a
removable medium of some kind (e.g., USB drive, CD-R). Destroy the
medium with the keyfiles, and decryption becomes (basically) impossible.
>> A strong magnetic field close to the hard drive will completely destroy
>> the data making it impossible to recover. I will also probably fuckup
>
> Have you any idea how strong the field would have to be? Look it up.
>
(snip)
He should look it up.
IIRC, Gutmann's famous paper, "Secure Deletion of Data From Magnetic and
Solid-State Memory," dealt with degaussing/demagnetizing as a possible
method of data destruction.
In short, the strength of the magnetic field would have to be enormous -
far more than even most industrial magnets can provide - to properly
destroy data on a modern hard drive.
(Now, maybe if you could get access to the experimental U.S. Navy magnet
that was mentioned... =xoD )
>
> I am saying you're talking out of /dev/ass
>
LOL! =xoD I'll have to remember that one! =:oD
- --
F. Fox
Owner of node "kitsune"
CompTIA A+, Net+, Security+
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFHVgOBbgkxCAzYBCMRAqznAJ9g6q6aJXFLFUJikq7rHjuADa76fgCgiqJX
yvl/9GIQUkmy4qIi+e6/R/s=
=RNcX
-----END PGP SIGNATURE-----