Furthermore techniques to read traditional magnetic drives will have a hard
time with flash memory similar to that of an iPhone
Baseband attacks should open the iPhone right up. They missed their chance
by now since the battery has died and sensitive data is not in memory
anymore.
On Mar 9, 2016 2:10 PM, "douglas rankine" <douglasrankine2001@xxxxxxxxxxx>
wrote:
Hi Michael,
I thought it might be too good to be true...Tx for the info...:-).
ATB
Dougie.
On 09/03/2016 20:56, Michael Best wrote:
Good job digging that up, and it does seem to support what you said
before. I think you're referring to *As concluded in [14]: “it is
effectively impossible to sanitize storage locations by simply overwriting
them, no matter how many overwrite passes are made or what data patterns
are written.”*
Which is a quote from P. Gutmann, “Secure Deletion of Data from Magnetic
and Solid-State Memory,” Proceedings of the Sixth USENIX Security
Symposium, pp. 22-25, 1996. It's available at
http://www.softpres.org/cache/SecureDeletionOfDataFromMagneticAndSolidStateMemory.pdf
The full quote from that paper is:
Data which is overwritten an arbitrarily large number of times can still
be recovered ***provided that the new data isn't written to the same
location as the original data (for magnetic media), or that the recovery
attempt is carried out fairly soon after the new data was written (for
RAM). For this reason*** it is effectively impossible to sanitise storage
locations by simple overwriting them, no matter how many overwrite passes
are made or what data patterns are written.
Emphasis added. Most modern tools account for this, and Mac even has built
in tools to overwrite the unused portion of disk seven times to securely
erase them and includes an option in the trash bin to securely erase by
overwriting those parts of the disk. A lot's changed from 1996.
On Wed, Mar 9, 2016 at 3:03 PM, douglas rankine <
douglasrankine2001@xxxxxxxxxxx> wrote:
see url: https://cryptome.org/2014/05/sse-protocol.pdf
Dear Michael Best & Colleagues,
Some time ago, I mentioned a paper that I had read which said that a hard
disk could not have all the information erased and that with the proper
forensic software, it would be possible to strip back each layer of
magnetic information right to when the disk was first made. I think I may
have found that research paper, and its contents might just be poignant to
the current case USG v Apple...or it might not... :-). My understanding is
that the storage hardware on the device will most likely be of the solid
state type, which is not as secure in being wiped, as a moving hard disk.
I have found that paper which I give the url above. The relevant paragraph
is on Page 1 at A.
Now, please understand, I am not a techie...and I may be getting the
conclusions about the ability to access original information on a hard disk
all wrong.
Or, I might be right, but Apple has progressed in its software technical
ability to destroy all the information on the phones storage system. But,
if I am not, then the present case between USG v Apple to get Apple to
produce a hack which will give access to the information on Farooks iphone
may be irrelevant. This is because of my surmise that the Apple erasure
software may not erase the information on the storage medium on the phone
to a point where it cannot be regained, at all. If my surmise is correct,
then there is no need for the FBI to bother about cracking the password
within 10 times...They can make as many attempts as they like...eventually,
they will crack the password and then get access to the information.
That is my theory...but as I say, I don't really know the ins and outs of
the technical stuff, or how all this forensic software works, or even how
sensitive it is to picking up on those magnetic layers of digitised
information. And there is a lot of techie stuff and mathematics here which
I don't understand, far less the molecular and nano stuff.
My surmise was triggered by the report of GCHQ actually making the
Gaurdian physically destroy not only the hard disk, but the motherboard and
other hardware components in the computer which contained the Snowden
documents...to their satisfaction. I wondered why they did this, rather
than use forensic erasure equipment to wipe it, or even just take away the
relevant bits of the computers and securely dispose of them...Perhaps it
was a publicity stunt after all...
Anyway, perhaps you guys on here can take a look at it and I'd be
grateful if you would tell me where I have gone wrong...Maybe it is just
some group out to make some money...
I hope this helps.
ATB
Dougie.
--
Veritas aequitas liberabit vos
Veri universum vici
That 1 Archive <http://that1archive.neocities.org/>
@NatSecGeek <https://twitter.com/NatSecGeek>
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: SKS 1.1.5
Comment: Hostname: pgp.mit.edu
mQINBChG9zoBEADKzALG4UHCjY6L9OFUxWRVGGCW7LY71K2EAK/0jkRh1wPkJ4chPaVJ3vVD
nJ0d8HxsyR5R3+y7GH6GCc/tK0IDPJah+xpQnraS1nWUvAlSaaxsBK4hJfuVGyfBg/joQVKU
OhpqJLQhRIkUWk30QC94IbOKiCTb6V4pStLYyrLieewjT481vvRIYp/48IS5eiveZW0/IpcA
HBON7xJw6P1murC8PNOJSWRCp9FJhcs3wIPG3cFTfsxSZnGcoivMgFLtGAfLbztpZkcHEMOR
4qamVvirzYGHma0UlOzyNr7xpxyLXFsU5kKzQ8Az2nP1GG7vuqXSjPNLIvvHFL+g+gKuCe9W
xTa9Ac038RRSiBGdDrvTFpQ/h9h5GWIHP7nsA4TCeZSpL81aqp7Cb0MK3KPQmteTPIujVCnx
jXXHrOe9Tj6iYUU8edApISyBEVFZMd+EtfDEDf/ZwDjzSGE85vv1dZ/ck7iJvS8FwM8hsRBG
U9huCKiItGs26teUJ2Sum49YaEiDL4QLQhJ+FbsAusxJg+V3GE/4w75K/6/czT0p10Mf66Uo
fRFTvYRE7S6CNDxzTI4q7+pnRlxMBduGC33KY4eq4Py/O3LWHBDxZ+LffIa/tWcB/7oZ6yDo
bdWleNk5wnJdPGr6lUTHTM4tpDIEcXYpvjzyLcMtg4tFm/Dc0QARAQABtGVNaWNoYWVsIEJl
c3QgKFByaXZhdGUsIG5vdCBzZWN1cmUuIEZvciBzZWN1cmUgZW1haWwsIHJlcXVlc3QgYSBv
bmUtdGltZSBrZXkuKSA8dGhlbWlrZWJlc3RAZ21haWwuY29tPokCPQQTAQoAJwUCKEb3OgIb
AwUJNXc1AAULCQgHAwUVCgkICwUWAgMBAAIeAQIXgAAKCRCiYH9hY4dAS3e+D/sFwyJER4/4
ZnHYC/1EzCpHeDikSmULEgsvNgzo73thOV9/Q2I8mCJTlQjsK4rZ2YiDzi4b0CN8kzjpxtVz
BsBsxfyPLrdH4VoqeqeBVzbwHxSk7bYUI3vFt+e3gBgpAxbVfPXCnYUnWPRlr9dc/JZoPJH4
p8yRIqktehbAE3Fa3gkfrXJ5e6+/nKlQhikyvo9VuErrLpPMXBzOq4/2LVfurkcOzlp1RBjs
hWr6B98EiOXs44ZGLEkINxJiW8koFhw/WDuON8LKi/DtLiqqtBVTjrkqKCuKzSAVncGGcEVO
3Om3aOIOvG0do/wQKYXnpbeGsHwx2PGrJ7H+lb2bIb5KhbZkbG4rMTjsVnuGN+IF4BxBhmGz
MYoooWy4VCLL0o8keomU8JPXt+fZDqJ9sNjY/asTsjOa6aE3bIa6w3mWUeefGwA25oXur3Rr
L3wmu1pPzCejumfA1X93dS9UZS3xni+7W34g6YbsREuaZ+YBxFLN227JXAx2pEdjLsuVOaqM
9CO7ARHsxDZoE9U7n0s3txnSw/2YYwjEK1wDhdLnHBL3ZzaAcaHnpzsTYQAVW7uXKKHhzeSK
GP3O4ByCisM/7WLFvIIpaNNs85jI1PvKH0GutSTl9xXDfWuYMl9rwwbteBB/oGSxlIFe0pqq
IDNfAJdR/HjTLqrTES2wdXJS1bkCDQQoRvc6ARAAmltXrhVfpePdIFrfEHCet4nkQvmRI+AX
rUgiNlxQDW8M5FzlUfT2xpMXHMWuKehTYpFq7bNbFi+fwBhMajgvgDsTuLInftKSFp+sisbR
n8psv7CpGB4jp0Xd4y1Wm/HejV/kga0kcUVVetaqyzgZedn1UnccQRzDBVWW2j2ed+hi/8g0
/d7mbVG81yzJo8tLidM90xFF7JGlijm0dBAqmhD4UgkxSnJQ3PK5onqdjdbx7HkP68RrkeTQ
vhWK1978qzdSl9ljJ0jLnoAaDNPs5Dj/TyYCtqoKHUqMbTwU5nIQnJG7geMeSw/7OVnKlypF
Rs/JesZzMBooZTRxZJuIB/q0wOfE/MYTwGSwLs2brUwJFJ6bSYmerZ+81S8W/Y4mehJ3o6Vl
SabrrVN+LlBfUuRqd5U909WECzk6HVnwnRfL07zD+1y5cLU+e4MQs2227kLriTIxtDZ/umeG
hKQgNgFGTAPHJxA96xGvQ8Ovv+XEivlO0jxBNMIiopNSlMDE+k3nigWHuavt9LUUCOd45aw7
0pgKstQQgpFfVAwV98LPpUKxa61q6wQiQHAcP7YxuQG0dsr4nUq2xids5l1IpOLzZJ3nRThM
k7alkljBbqphbocV3FsSXOkpcSWns94k1QGmrPzEPLF0FHFBG6whWoaoEySMkdsN1zVu4GMU
o2EAEQEAAYkCJQQYAQoADwUCKEb3OgIbDAUJNXc1AAAKCRCiYH9hY4dASzTaEACKXVgc8KmZ
xWyYTUQgIwrj3J/re68uIilq0iBBDocgEZZpxyf6lD1V3IKBjAPpWyYHMrrrLY64rFDR+8DE
Xyhm1Wv2S6YJuWJtyAlS4bciXjJE6evirIH5GoFq++vzsufRaudAoQ56hJ0+Z3dNMMWZ6YuP
zWNNL2tvpdo3Nvd8bqiADWSffFdIPv5Yj/mZsXmaDN+7iWYlAdCrubGyGzFHlCh26Ghu6SS0
/u8x1/Oi7ma7fUMFnEsFiYjwBkD3pQKK1dm7j2f1OMxi8uky8vgBgx40aeJkoUgEvIHWsCIi
CWVTyfiGeWIcKbK7tYP5jsjV5fUv+TaQ1pApt++Pyop1aogfQ8icNBQQkdX6E4gNhnPOPTM8
FTl69Tq5Ori5+TM8VM0iPGiydlcAXIAD3OyR4tZM12Ga1AtppKjx31EyDB4SPzUmDWRy5WgG
NRH3+RgiK/iXVcvLdFIKj3/AvctSLdbayyaFD8zrE/wcMzLfie+iE231+rG/7gmcR3H1rcYE
vxvmWAPikLQKiMUpPBNSvfLPUTrwNSGiZ5ieAAPgOooc3u5nohwZmEW1pg6HirZgIAgAYuyL
aLgnikwH70guiQ4Ufsih3gy0ddsUwliUTtbYQyX0OBQoTUyaiXPy0Wu2FJfsxiW8X9Lu9pIH
KOwU9K76VKot+UikGqeFQsS/Ig==
=M+du
-----END PGP PUBLIC KEY BLOCK-----
