[cryptome] Re: Secure Storage and Erasure Protocol: Research Paper

  • From: douglas rankine <douglasrankine2001@xxxxxxxxxxx>
  • To: cryptome@xxxxxxxxxxxxx
  • Date: Wed, 9 Mar 2016 21:09:37 +0000

Hi Michael,
I thought it might be too good to be true...Tx for the info...:-).
ATB
Dougie.

On 09/03/2016 20:56, Michael Best wrote:

Good job digging that up, and it does seem to support what you said before. I think you're referring to *As concluded in [14]: “it is effectively impossible to sanitize storage locations by simply overwriting them, no matter how many overwrite passes are made or what data patterns are written.”*
*
*
Which is a quote from P. Gutmann, “Secure Deletion of Data from Magnetic and Solid-State Memory,” Proceedings of the Sixth USENIX Security Symposium, pp. 22-25, 1996. It's available at http://www.softpres.org/cache/SecureDeletionOfDataFromMagneticAndSolidStateMemory.pdf

The full quote from that paper is:

Data which is overwritten an arbitrarily large number of times can still be recovered ***provided that the new data isn't written to the same location as the original data (for magnetic media), or that the recovery attempt is carried out fairly soon after the new data was written (for RAM). For this reason*** it is effectively impossible to sanitise storage locations by simple overwriting them, no matter how many overwrite passes are made or what data patterns are written.

Emphasis added. Most modern tools account for this, and Mac even has built in tools to overwrite the unused portion of disk seven times to securely erase them and includes an option in the trash bin to securely erase by overwriting those parts of the disk. A lot's changed from 1996.

On Wed, Mar 9, 2016 at 3:03 PM, douglas rankine <douglasrankine2001@xxxxxxxxxxx <mailto:douglasrankine2001@xxxxxxxxxxx>> wrote:

    see url: https://cryptome.org/2014/05/sse-protocol.pdf

    Dear Michael Best & Colleagues,

    Some time ago, I mentioned a paper that I had read which said that
    a hard disk could not have all the information erased and that
    with the proper forensic software, it would be possible to strip
    back each layer of magnetic information right to when the disk was
    first made.  I think I may have found that research paper, and its
    contents might just be poignant to the current case USG v
    Apple...or it might not... :-). My understanding is that the
    storage hardware on the device will most likely be of the solid
    state type, which is not as secure in being wiped, as a moving
hard disk. I have found that paper which I give the url above. The relevant paragraph is on Page 1 at A.

      Now, please understand, I am not a techie...and I may be getting
    the conclusions about the ability to access original information
    on a hard disk all wrong.

     Or, I might be right, but Apple has progressed in its software
    technical ability to destroy all the information on the phones
    storage system.  But, if I am not, then the present case between
    USG v Apple to get Apple to produce a hack which will give access
    to the information on Farooks iphone may be irrelevant.  This is
    because of my surmise that the Apple erasure software may not
    erase the information on the storage medium on the phone to a
    point where it cannot be regained, at all. If my surmise is
    correct, then there is no need for the FBI to bother about
    cracking the password within 10 times...They can make as many
    attempts as they like...eventually, they will crack the password
    and then get access to the information.

    That is my theory...but as I say, I don't really know the ins and
    outs of the technical stuff, or how all this forensic software
    works, or even how sensitive it is to picking up on those magnetic
    layers of digitised information.  And there is a lot of techie
    stuff and mathematics here which I don't understand, far less the
    molecular and nano stuff.

    My surmise was triggered by the report of GCHQ actually making the
    Gaurdian physically destroy not only the hard disk, but the
    motherboard and other hardware components in the computer which
    contained the Snowden documents...to their satisfaction. I
    wondered why they did this, rather than use forensic erasure
    equipment to wipe it, or even just take away the relevant bits of
    the computers and securely dispose of them...Perhaps it was a
    publicity stunt after all...

    Anyway, perhaps you guys on here can take a look at it and I'd be
    grateful if you would tell me where I have gone wrong...Maybe it
    is just some group out to make some money...

    I hope this helps.
    ATB
    Dougie.





--
Veritas aequitas liberabit vos
Veri universum vici

That 1 Archive <http://that1archive.neocities.org/>
@NatSecGeek <https://twitter.com/NatSecGeek>
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: SKS 1.1.5
Comment: Hostname:pgp.mit.edu <http://pgp.mit.edu>

mQINBChG9zoBEADKzALG4UHCjY6L9OFUxWRVGGCW7LY71K2EAK/0jkRh1wPkJ4chPaVJ3vVD
nJ0d8HxsyR5R3+y7GH6GCc/tK0IDPJah+xpQnraS1nWUvAlSaaxsBK4hJfuVGyfBg/joQVKU
OhpqJLQhRIkUWk30QC94IbOKiCTb6V4pStLYyrLieewjT481vvRIYp/48IS5eiveZW0/IpcA
HBON7xJw6P1murC8PNOJSWRCp9FJhcs3wIPG3cFTfsxSZnGcoivMgFLtGAfLbztpZkcHEMOR
4qamVvirzYGHma0UlOzyNr7xpxyLXFsU5kKzQ8Az2nP1GG7vuqXSjPNLIvvHFL+g+gKuCe9W
xTa9Ac038RRSiBGdDrvTFpQ/h9h5GWIHP7nsA4TCeZSpL81aqp7Cb0MK3KPQmteTPIujVCnx
jXXHrOe9Tj6iYUU8edApISyBEVFZMd+EtfDEDf/ZwDjzSGE85vv1dZ/ck7iJvS8FwM8hsRBG
U9huCKiItGs26teUJ2Sum49YaEiDL4QLQhJ+FbsAusxJg+V3GE/4w75K/6/czT0p10Mf66Uo
fRFTvYRE7S6CNDxzTI4q7+pnRlxMBduGC33KY4eq4Py/O3LWHBDxZ+LffIa/tWcB/7oZ6yDo
bdWleNk5wnJdPGr6lUTHTM4tpDIEcXYpvjzyLcMtg4tFm/Dc0QARAQABtGVNaWNoYWVsIEJl
c3QgKFByaXZhdGUsIG5vdCBzZWN1cmUuIEZvciBzZWN1cmUgZW1haWwsIHJlcXVlc3QgYSBv
bmUtdGltZSBrZXkuKSA8dGhlbWlrZWJlc3RAZ21haWwuY29tPokCPQQTAQoAJwUCKEb3OgIb
AwUJNXc1AAULCQgHAwUVCgkICwUWAgMBAAIeAQIXgAAKCRCiYH9hY4dAS3e+D/sFwyJER4/4
ZnHYC/1EzCpHeDikSmULEgsvNgzo73thOV9/Q2I8mCJTlQjsK4rZ2YiDzi4b0CN8kzjpxtVz
BsBsxfyPLrdH4VoqeqeBVzbwHxSk7bYUI3vFt+e3gBgpAxbVfPXCnYUnWPRlr9dc/JZoPJH4
p8yRIqktehbAE3Fa3gkfrXJ5e6+/nKlQhikyvo9VuErrLpPMXBzOq4/2LVfurkcOzlp1RBjs
hWr6B98EiOXs44ZGLEkINxJiW8koFhw/WDuON8LKi/DtLiqqtBVTjrkqKCuKzSAVncGGcEVO
3Om3aOIOvG0do/wQKYXnpbeGsHwx2PGrJ7H+lb2bIb5KhbZkbG4rMTjsVnuGN+IF4BxBhmGz
MYoooWy4VCLL0o8keomU8JPXt+fZDqJ9sNjY/asTsjOa6aE3bIa6w3mWUeefGwA25oXur3Rr
L3wmu1pPzCejumfA1X93dS9UZS3xni+7W34g6YbsREuaZ+YBxFLN227JXAx2pEdjLsuVOaqM
9CO7ARHsxDZoE9U7n0s3txnSw/2YYwjEK1wDhdLnHBL3ZzaAcaHnpzsTYQAVW7uXKKHhzeSK
GP3O4ByCisM/7WLFvIIpaNNs85jI1PvKH0GutSTl9xXDfWuYMl9rwwbteBB/oGSxlIFe0pqq
IDNfAJdR/HjTLqrTES2wdXJS1bkCDQQoRvc6ARAAmltXrhVfpePdIFrfEHCet4nkQvmRI+AX
rUgiNlxQDW8M5FzlUfT2xpMXHMWuKehTYpFq7bNbFi+fwBhMajgvgDsTuLInftKSFp+sisbR
n8psv7CpGB4jp0Xd4y1Wm/HejV/kga0kcUVVetaqyzgZedn1UnccQRzDBVWW2j2ed+hi/8g0
/d7mbVG81yzJo8tLidM90xFF7JGlijm0dBAqmhD4UgkxSnJQ3PK5onqdjdbx7HkP68RrkeTQ
vhWK1978qzdSl9ljJ0jLnoAaDNPs5Dj/TyYCtqoKHUqMbTwU5nIQnJG7geMeSw/7OVnKlypF
Rs/JesZzMBooZTRxZJuIB/q0wOfE/MYTwGSwLs2brUwJFJ6bSYmerZ+81S8W/Y4mehJ3o6Vl
SabrrVN+LlBfUuRqd5U909WECzk6HVnwnRfL07zD+1y5cLU+e4MQs2227kLriTIxtDZ/umeG
hKQgNgFGTAPHJxA96xGvQ8Ovv+XEivlO0jxBNMIiopNSlMDE+k3nigWHuavt9LUUCOd45aw7
0pgKstQQgpFfVAwV98LPpUKxa61q6wQiQHAcP7YxuQG0dsr4nUq2xids5l1IpOLzZJ3nRThM
k7alkljBbqphbocV3FsSXOkpcSWns94k1QGmrPzEPLF0FHFBG6whWoaoEySMkdsN1zVu4GMU
o2EAEQEAAYkCJQQYAQoADwUCKEb3OgIbDAUJNXc1AAAKCRCiYH9hY4dASzTaEACKXVgc8KmZ
xWyYTUQgIwrj3J/re68uIilq0iBBDocgEZZpxyf6lD1V3IKBjAPpWyYHMrrrLY64rFDR+8DE
Xyhm1Wv2S6YJuWJtyAlS4bciXjJE6evirIH5GoFq++vzsufRaudAoQ56hJ0+Z3dNMMWZ6YuP
zWNNL2tvpdo3Nvd8bqiADWSffFdIPv5Yj/mZsXmaDN+7iWYlAdCrubGyGzFHlCh26Ghu6SS0
/u8x1/Oi7ma7fUMFnEsFiYjwBkD3pQKK1dm7j2f1OMxi8uky8vgBgx40aeJkoUgEvIHWsCIi
CWVTyfiGeWIcKbK7tYP5jsjV5fUv+TaQ1pApt++Pyop1aogfQ8icNBQQkdX6E4gNhnPOPTM8
FTl69Tq5Ori5+TM8VM0iPGiydlcAXIAD3OyR4tZM12Ga1AtppKjx31EyDB4SPzUmDWRy5WgG
NRH3+RgiK/iXVcvLdFIKj3/AvctSLdbayyaFD8zrE/wcMzLfie+iE231+rG/7gmcR3H1rcYE
vxvmWAPikLQKiMUpPBNSvfLPUTrwNSGiZ5ieAAPgOooc3u5nohwZmEW1pg6HirZgIAgAYuyL
aLgnikwH70guiQ4Ufsih3gy0ddsUwliUTtbYQyX0OBQoTUyaiXPy0Wu2FJfsxiW8X9Lu9pIH
KOwU9K76VKot+UikGqeFQsS/Ig==
=M+du
-----END PGP PUBLIC KEY BLOCK-----

Other related posts: