[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <102526.1274850222@localhost>
Date: Wed, 26 May 2010 01:03:42 -0400
From: Valdis.Kletnieks@...edu
To: Bipin Gautam <bipin.gautam@...il.com>
Cc: full-disclosure <full-disclosure@...ts.grok.org.uk>
Subject: Re: Stealthier Internet access
On Wed, 26 May 2010 10:15:32 +0545, Bipin Gautam said:
> > it's a *bad* sector, so reading and recovering the data is a bitch...
>
> No, storing in Negative Disk, bad sector, stenography, slack space are
> all bad places to store data!
No, I meant it's usually not worth worrying that if the disk has done a
hardware assignment of a replacement sector for a *real* live actual
the-hardware-barfs-on-it bad sector, you can usually not worry about the
contents of that bad sector, as the drive hardware won't let you access it
directly anymore, redirecting you to the new replacement block. So basically,
somebody needs to take the disk apart and start doing the clean-room data
recovery routine off the disk, trying to read 512 bytes of data at a time off
known-physically-bad areas of the disk.
And if your threat model includes adversaries that will do that, then
you *really* need to be using full-disk encryption and thermite in your
counter-defenses. Oh, and a good countermeasure for rubber-hose crypto. ;)
Content of type "application/pgp-signature" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists