lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <61414d3f1001251926r5d933a11w17272f808875fe36@mail.gmail.com>
Date: Tue, 26 Jan 2010 04:26:08 +0100
From: "E. Prom" <e3prom@...il.com>
To: full-disclosure <full-disclosure@...ts.grok.org.uk>
Subject: Re: Disk wiping -- An alternate approach?

2010/1/26 Rohit Patnaik <quanticle@...il.com>:
> A few phrases and "surprising" patterns are a lot more suspicious than a
> hard drive full of zeroes, especially if there's evidence that other data
> has been overwritten or erased.  If you present a hard drive full of zeroes
> or random numbers, there's nothing to charge you with.  If most of your data
> is random gibberish but there are a few telling phrases here and there, then
> there might be enough for the prosecution to bring charges, even if they
> aren't able to get a conviction.
> [snip]

The point is that they never get a hard-drive full of zeroes or random
numbers, but a hard-drive that have pieces of other data under the
zeroes or random numbers. That's why programs like "wipe" fills more
than 20 times the hard-drive with data. But filling 20 times a whole
disk can be very, very long, expecially if it's a 2TB USB drive. A
"quick" wipe filling a drive only 4 times, is often enouth, but...

If the police or spies look for determined words or sentences
(presumed not encryptered), at an unknown point on an unknown layer of
the disk, it will be much easier for them to find it if the rest was
random data (or video or whatever) than if it was random text that can
have a meaning when looking with a program, but not in front of a
Court.

I don't find Bipin's idea so bad, but I'm not sure it adds significant security.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ