Re: storage privacy (was: Nice quiet, private, anonymous life??)
no problem, I accept your and others' assertions that a homemade
magnetic device won't work.
It occurs to me that in any case where even one operator knows or has
possession/knowledge of the keys or backups, that information could
still be gained through torture/coercion in rare cases where the
information affects "national security" or the guys wanting it are
mean SOBs.
On Wed, 5 Dec 2007 16:28:18 -0800, "coderman" <coderman@xxxxxxxxx> said:
> On Dec 5, 2007 4:05 PM, <mark485anderson@xxxxxx> wrote:
> > ... Have you actually tested using a magnetic field for this ...
>
> despite the rudeness of some of this thread, it really is difficult to
> properly clear / purge data from a modern hard disk using a magnetic
> field. we do this at work, and the device is a large box with loud
> fans. you must wear heat resistant glove(s) to hold the hard drive
> over the unit for 60+ seconds. it gets quite hot (see inductive
> smelting, etc).
>
> arranging such a unit inside a case would be difficult, dangerous, and
> probably not as effective as you think.
>
> see http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html
>
> this is why full disk encryption is preferable. it is much quicker
> and safer to securely purge or destroy the disk keys (small) than the
> whole disk itself (large, time consuming).
>
> there are many ways to configure authentication/authorization for
> encrypted disk access, including multi-factor passphrase, token, even
> biometric. maybe you leave the keys on disk for headless boot and
> only want the ability to securely wipe them if needed.
>
> last note, the loop-aes module supports key scrubbing in memory, so
> that even ram cannot be inspected for usable disk encryption keys that
> could remain after power down. (some other volume encryption methods
> may also support this, however, loop-aes is the only one i've used
> that does so.)
>
> best regards,
--
mark485anderson@xxxxxx