lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20050724001536.GC32500@paradise.net.nz>
Date: Sun, 24 Jul 2005 12:15:36 +1200
From: Volker Kuhlmann <list0570@...adise.net.nz>
To: bugtraq@...urityfocus.com
Subject: Re: Peter Gutmann data deletion theaory?


> Unlike DRAM and SRAM, Flash etc. has no continual or repetitive
> amplification function.  Traces of previous charges may remain, but I
> doubt they would be recoverable, except perhaps by the most drastic
> forensic techniques

I would expect flash memory content to be easily recoverable when
opening the chip.

> - and even then, each write or erase operation would
> reduce the remnants further still.

True, but don't put yourself to rest on it. Ever noticed that flash
memory is always smaller than the power of two which it is advertised
as? Memory is manufctured in matrices, so where is the missing memory? I
suggest these two possibilities: memory blocks coming out of manufacture
damaged are "turned off" (prevented from being used), a percentage of
memory blocks is reserved for defect management. As everything flash
uses a simple sort of FAT filesystem on these memories, the same areas
get repeatedly used and worn out, rendering the thing useless very
early. As a result, I expect flash memory to have defect management
similar to hard disks - when you think you're overwriting it, you're in
reality writing elsewhere. For either flash or hard disk you'll need to
get past internal defect management to sanitise the data. Or physically
destroy the memory media - always safest.

Volker

-- 
Volker Kuhlmann			is possibly list0570 with the domain in header
http://volker.dnsalias.net/		Please do not CC list postings to me.


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ