Re: [Full-Disclosure] Re: [PAPER] Juggling with packets: floating data storage
- To: secpapers@securityfocus.com, full-disclosure@netsys.com
- Subject: Re: [Full-Disclosure] Re: [PAPER] Juggling with packets: floating data storage
- From: Michael Sierchio <kudzu@tenebras.com>
- Date: Wed, 08 Oct 2003 19:08:28 -0700
Jason wrote:
> May I draw your attention to an old Gutmann paper that is still very
> much worth the read.
>
> http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html
>
> There is another paper that is also worth the read but sadly I've lost
> the last reference to it I had.
>
> Deletion of data in RAM and even replacing it does not ensure that the
> old data is not recoverable.

Even the overwriting scheme proposed is not workable in practice,
at least not for hard drives or compact flash media -- both of
which silently remap sectors when "difficulties" are discovered,
such that it is impossible to write to them again because they
are invisible to the OS -- but they're visible to direct forensic
examination.

Only with a CPA-IND encryption scheme in which keys are managed
separately from the filesystem, and where a key-per-file
scheme is in force, and where directories are similarly
encrypted is there any degree of provable secure deletion.
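The key-per-file scheme described in the message above, sketched as an added example that is not part of the original post: deletion destroys only the per-file key, so ciphertext left behind on the media (for instance in remapped sectors) stays unreadable. The `Volume` class and its method names are hypothetical, and HMAC-SHA256 in counter mode is used as a standard-library stand-in for a vetted randomized cipher; it provides no integrity protection.

```python
import hashlib, hmac, secrets

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    # HMAC-SHA256 in counter mode, a stdlib stand-in for a vetted cipher such as AES-CTR.
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(8, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def seal(key: bytes, plaintext: bytes) -> bytes:
    nonce = secrets.token_bytes(16)  # fresh nonce per call: equal plaintexts encrypt differently
    stream = _keystream(key, nonce, len(plaintext))
    return nonce + bytes(p ^ s for p, s in zip(plaintext, stream))

def unseal(key: bytes, blob: bytes) -> bytes:
    nonce, ct = blob[:16], blob[16:]
    return bytes(c ^ s for c, s in zip(ct, _keystream(key, nonce, len(ct))))

class Volume:
    """Hypothetical model: `media` is the disk, `keystore` is key storage kept elsewhere."""
    def __init__(self):
        self.media = {}     # file id -> (sealed name, sealed data); may survive in remapped sectors
        self.keystore = {}  # file id -> key; assumed to live on storage that can really be erased

    def write(self, name: str, data: bytes) -> str:
        fid, key = secrets.token_hex(8), secrets.token_bytes(32)  # one key per file
        self.keystore[fid] = key
        self.media[fid] = (seal(key, name.encode()), seal(key, data))  # directory entry encrypted too
        return fid

    def read(self, fid: str):
        key = self.keystore[fid]  # raises KeyError once the key has been destroyed
        name, data = self.media[fid]
        return unseal(key, name).decode(), unseal(key, data)

    def delete(self, fid: str) -> None:
        del self.keystore[fid]  # only the key is destroyed; the ciphertext stays on the media

if __name__ == "__main__":
    vol = Volume()
    fid = vol.write("plans.txt", b"constructed sample contents")  # constructed sample input
    vol.delete(fid)
    print("ciphertext still on media:", fid in vol.media)
```

The guarantee rests entirely on the key store being erasable in a way the bulk media is not, which is the separation of key management from the filesystem that the message calls for.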