lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4B5DB41B.7090606@csuohio.edu>
Date: Mon, 25 Jan 2010 10:09:15 -0500
From: Michael Holstein <michael.holstein@...ohio.edu>
To: Bipin Gautam <bipin.gautam@...il.com>
Cc: full-disclosure <full-disclosure@...ts.grok.org.uk>
Subject: Re: Disk wiping -- An alternate approach?


> - The absence of evidence 9 times out of 10 is just as bad as the
> evidence itself in court.
>   

In what court?


> - What you type text or email can, and will, be used against you in a
> court of law.
>   

Only if obtained by correct process of law and you resist the temptation
to "explain yourself" to the police.


> So, plausible deniability solution for disk wiping?:
>
> Let, disk wiping tools LOAD the whole WIKIPEDIA in nxn matrices and
> mix ALL the words & phrases in a random pool continuously and use THIS
> as the "Wiping passes and patterns" while they wipe the disk-space
> (instead of using random-pass or zero) 

You're forgetting that you aren't required to explain yourself in court
(5th Ammendment). It's the job of the prosecution to connect the dots
and prove you're guilty. Smart defendants hire their own expert to
refute the testimony of of the prosecution's "expert".

As to Wikipedia, I think a random overwrite pattern would be way better
than them finding fragments of the following (just two examples) :

http://en.wikipedia.org/wiki/Nuclear_weapon_design
http://en.wikipedia.org/wiki/Child_prostitution

Practically every illegal act has an article on Wikipedia .. why
deliberately "seed" your hard disk with them?

Cheers,

Michael Holstein
Cleveland State University

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ