[cryptome] Re: Secure Storage and Erasure Protocol: Research Paper

  • From: John Young <jya@xxxxxxxxxxxx>
  • To: cryptome@xxxxxxxxxxxxx
  • Date: Thu, 10 Mar 2016 10:56:03 -0500

There are reports data has been recovered from fragments of hard disk platters. Thanks to redundancy of writes, sometimes entire files are recovered from small fragments.

Presumably recovery can be done from flash chips, memory chips, anything used for storage, and in some cases used for transmission (from packetization and temp storage along the route). Recovery can be done from a distance without physical contact,either
simultaneously with movement or at rest.

CIA-NSA Special Collection Service's purpose is to do just that: what cannot be grabbed from the spectrum is burgled with breaking and entering or by implants (active, passive, inert).

The inert is the hardest to discover for it emits no signal, merely silently reflects it. And some of those are fake or easy to find to conceal the doozies.

Some of us emit signals from hearing aids, pacemakers, fitbits, teeth braces, prostheses,
along with the usual irrespressable unable to STFU EENT and the gadgets before us ratting on us.

Now then, why physically destroy storage media? To pass the time, feel good, please deity, erase the thought that it is to divert attention from thieves already here and gone. The Guardian sent a Fedex package to the New York Times supposedly containing the Snowden files, what was in it was a package of one-time pads with GCHQ at top and a note stating "your little fun is just beginning."

At 10:31 AM 3/10/2016, you wrote:

Hi Michael,
But you do get the point...don't you...Michael... :-) . Even the NSA physically destroys the storage media...It even recommends degaussing and other tools for destroying any residual information on the storage systems which they wish to dispose of, but they still destroy the media. GCHQ also physically destroys the media. Now...why do you think that is?   Could it be because, even with the best forensic and erasure tools in the world, they are uncertain of the outcome, uncertain enough about the ability to recover data, so that they have to dispose of their storage equipment by having to physically destroy it.

 Why not recycle it, send it to the likes of India or China or some of the other developed and developing countries, if they are sure that erasure works? Sell it off, save the taxpayer money...that is a lot of storage wot gets written off every year...3 years write down on computer equipment. Of course, it is probably just good security practice and keeps the security bods happy... :-) . Now, where does that leave the Apple erasure process in USG v Apple, one wonders....just a conjecture by the way...a mere spes...
ATB
Dougie.

On 10/03/2016 15:17, Michael Best wrote:
Degauss, melt, mix it together with a high level of entropy, recycle it as scrap metal. Homemade foundry is doable on the cheap, a handy person* can turn hard drives into ingots and ingots into ash trays, planters, springs, model replicas of scifi items (set phasers to stun!).Â

*i.e. not me, I'm clumsy as [expletive deleted]

On Thu, Mar 10, 2016 at 10:01 AM, douglas rankine <<mailto:douglasrankine2001@xxxxxxxxxxx>douglasrankine2001@xxxxxxxxxxx> wrote:
see url: <https://www.nsa.gov/ia/_files/Government/MDG/NSA_CSS_Storage_Device_Declassification_Manual.pdf>https://www.nsa.gov/ia/_files/Government/MDG/NSA_CSS_Storage_Device_Declassification_Manual.pdf
Tx for the url, John. I had a look...NSA recommends that all storage media as well as being degaussed, otherwise sanitised, should be physically destroyed on disposal. SSE as well as other storage media should be burned to ash.
No recycling of NSA hardware storage systems then, all have to be physically destroyed...must be a reason.

As an aside: The NSA degaussing procedure reminded me of my younger days as a tv repairman, in the days when colour televisions were made out of glass and metal and wieghed a ton. We used to carry around a degaussing coil, so that we could demagnetise colour televisions. In the good old days, colour televisions had a large metal plate, full of precisely engineered tiny holes, behind the glass flourescent screen of the colour tube. (not like todays bit of plastic monitors) The metal screen tended to get magnetised over a period of time in two ways, one because it was just sitting there in the same place in the house all the time and the Earth's magnetic field used to magnetise it. The other way, was when the housewife...or perhaps house husband (a very rare person indeed in those days) used the vacuum cleaner and switched it off too close to the television set, so causing the magnetic emanations to corrupt the metal screen. Although every screen had its own degaussing coil surrounding it which switched on for a short while, whilst the television was warming up, it sometimes wasn't strong enough to degauss the metal. The symptoms of this magnetisation were a change of colour on the flourescent screen and a series of rainbow like patterns, due to the photons being deflected in a slightly different direction as they went through the scan coils on to the holes in the metal screen, so hitting the wrong flourescent dots on the glass screen at the front. Customers used to phone us up in despair, pink faces being turned into multicoloured skins.  They were most impressed when us guys came along and did our little bit o' magic, switching on our degaussing coil and waving it around the screen like a magic wand and saying "Abracadabra". Got many a tip out of that...:-) .
ATB
Dougie.



On 09/03/2016 22:02, John Young wrote:
NSA has several guides on degaussing and demagnetization of media

<https://www.nsa.gov/applications/search/index.cfm?q=demagnetization&x=23&y=12>https://www.nsa.gov/applications/search/index.cfm?q=demagnetization&x=23&y=12

However, not likely to disclose the very best and latest about anything, but
will provide, like GCHQ and others, guidance on "information assurance"
through university partners, contractors, conferences, hearings, study
commissions, web sites, blogs, dual-hatted comsec experts, ex-officials
now in business, unauthorized disclosures such as Snowden's and Manning's,
and the industry of dumbfounding, tail-chasing, redacted, cherry-picked FOIAs.

The Internet will never be degaussed, much less highly magnetized and gaussed
IoT, Wayback, secure drops, searches, mail lists, the sun, sea and sand.









--
Veritas aequitas liberabit vos
Veri universum vici

<http://that1archive.neocities.org/>That 1 Archive
<https://twitter.com/NatSecGeek>@NatSecGeek

-----BEGIN PGP PUBLIC KEY BLOCK-----


Version: SKS 1.1.5
Comment: Hostname: <http://pgp.mit.edu>pgp.mit.edu

mQINBChG9zoBEADKzALG4UHCjY6L9OFUxWRVGGCW7LY71K2EAK/0jkRh1wPkJ4chPaVJ3vVD
nJ0d8HxsyR5R3+y7GH6GCc/tK0IDPJah+xpQnraS1nWUvAlSaaxsBK4hJfuVGyfBg/joQVKU
OhpqJLQhRIkUWk30QC94IbOKiCTb6V4pStLYyrLieewjT481vvRIYp/48IS5eiveZW0/IpcA
HBON7xJw6P1murC8PNOJSWRCp9FJhcs3wIPG3cFTfsxSZnGcoivMgFLtGAfLbztpZkcHEMOR
4qamVvirzYGHma0UlOzyNr7xpxyLXFsU5kKzQ8Az2nP1GG7vuqXSjPNLIvvHFL+g+gKuCe9W
xTa9Ac038RRSiBGdDrvTFpQ/h9h5GWIHP7nsA4TCeZSpL81aqp7Cb0MK3KPQmteTPIujVCnx
jXXHrOe9Tj6iYUU8edApISyBEVFZMd+EtfDEDf/ZwDjzSGE85vv1dZ/ck7iJvS8FwM8hsRBG
U9huCKiItGs26teUJ2Sum49YaEiDL4QLQhJ+FbsAusxJg+V3GE/4w75K/6/czT0p10Mf66Uo
fRFTvYRE7S6CNDxzTI4q7+pnRlxMBduGC33KY4eq4Py/O3LWHBDxZ+LffIa/tWcB/7oZ6yDo
bdWleNk5wnJdPGr6lUTHTM4tpDIEcXYpvjzyLcMtg4tFm/Dc0QARAQABtGVNaWNoYWVsIEJl
c3QgKFByaXZhdGUsIG5vdCBzZWN1cmUuIEZvciBzZWN1cmUgZW1haWwsIHJlcXVlc3QgYSBv
bmUtdGltZSBrZXkuKSA8dGhlbWlrZWJlc3RAZ21haWwuY29tPokCPQQTAQoAJwUCKEb3OgIb
AwUJNXc1AAULCQgHAwUVCgkICwUWAgMBAAIeAQIXgAAKCRCiYH9hY4dAS3e+D/sFwyJER4/4
ZnHYC/1EzCpHeDikSmULEgsvNgzo73thOV9/Q2I8mCJTlQjsK4rZ2YiDzi4b0CN8kzjpxtVz
BsBsxfyPLrdH4VoqeqeBVzbwHxSk7bYUI3vFt+e3gBgpAxbVfPXCnYUnWPRlr9dc/JZoPJH4
p8yRIqktehbAE3Fa3gkfrXJ5e6+/nKlQhikyvo9VuErrLpPMXBzOq4/2LVfurkcOzlp1RBjs
hWr6B98EiOXs44ZGLEkINxJiW8koFhw/WDuON8LKi/DtLiqqtBVTjrkqKCuKzSAVncGGcEVO
3Om3aOIOvG0do/wQKYXnpbeGsHwx2PGrJ7H+lb2bIb5KhbZkbG4rMTjsVnuGN+IF4BxBhmGz
MYoooWy4VCLL0o8keomU8JPXt+fZDqJ9sNjY/asTsjOa6aE3bIa6w3mWUeefGwA25oXur3Rr
L3wmu1pPzCejumfA1X93dS9UZS3xni+7W34g6YbsREuaZ+YBxFLN227JXAx2pEdjLsuVOaqM
9CO7ARHsxDZoE9U7n0s3txnSw/2YYwjEK1wDhdLnHBL3ZzaAcaHnpzsTYQAVW7uXKKHhzeSK
GP3O4ByCisM/7WLFvIIpaNNs85jI1PvKH0GutSTl9xXDfWuYMl9rwwbteBB/oGSxlIFe0pqq
IDNfAJdR/HjTLqrTES2wdXJS1bkCDQQoRvc6ARAAmltXrhVfpePdIFrfEHCet4nkQvmRI+AX
rUgiNlxQDW8M5FzlUfT2xpMXHMWuKehTYpFq7bNbFi+fwBhMajgvgDsTuLInftKSFp+sisbR
n8psv7CpGB4jp0Xd4y1Wm/HejV/kga0kcUVVetaqyzgZedn1UnccQRzDBVWW2j2ed+hi/8g0
/d7mbVG81yzJo8tLidM90xFF7JGlijm0dBAqmhD4UgkxSnJQ3PK5onqdjdbx7HkP68RrkeTQ
vhWK1978qzdSl9ljJ0jLnoAaDNPs5Dj/TyYCtqoKHUqMbTwU5nIQnJG7geMeSw/7OVnKlypF
Rs/JesZzMBooZTRxZJuIB/q0wOfE/MYTwGSwLs2brUwJFJ6bSYmerZ+81S8W/Y4mehJ3o6Vl
SabrrVN+LlBfUuRqd5U909WECzk6HVnwnRfL07zD+1y5cLU+e4MQs2227kLriTIxtDZ/umeG
hKQgNgFGTAPHJxA96xGvQ8Ovv+XEivlO0jxBNMIiopNSlMDE+k3nigWHuavt9LUUCOd45aw7
0pgKstQQgpFfVAwV98LPpUKxa61q6wQiQHAcP7YxuQG0dsr4nUq2xids5l1IpOLzZJ3nRThM
k7alkljBbqphbocV3FsSXOkpcSWns94k1QGmrPzEPLF0FHFBG6whWoaoEySMkdsN1zVu4GMU
o2EAEQEAAYkCJQQYAQoADwUCKEb3OgIbDAUJNXc1AAAKCRCiYH9hY4dASzTaEACKXVgc8KmZ
xWyYTUQgIwrj3J/re68uIilq0iBBDocgEZZpxyf6lD1V3IKBjAPpWyYHMrrrLY64rFDR+8DE
Xyhm1Wv2S6YJuWJtyAlS4bciXjJE6evirIH5GoFq++vzsufRaudAoQ56hJ0+Z3dNMMWZ6YuP
zWNNL2tvpdo3Nvd8bqiADWSffFdIPv5Yj/mZsXmaDN+7iWYlAdCrubGyGzFHlCh26Ghu6SS0
/u8x1/Oi7ma7fUMFnEsFiYjwBkD3pQKK1dm7j2f1OMxi8uky8vgBgx40aeJkoUgEvIHWsCIi
CWVTyfiGeWIcKbK7tYP5jsjV5fUv+TaQ1pApt++Pyop1aogfQ8icNBQQkdX6E4gNhnPOPTM8
FTl69Tq5Ori5+TM8VM0iPGiydlcAXIAD3OyR4tZM12Ga1AtppKjx31EyDB4SPzUmDWRy5WgG
NRH3+RgiK/iXVcvLdFIKj3/AvctSLdbayyaFD8zrE/wcMzLfie+iE231+rG/7gmcR3H1rcYE
vxvmWAPikLQKiMUpPBNSvfLPUTrwNSGiZ5ieAAPgOooc3u5nohwZmEW1pg6HirZgIAgAYuyL
aLgnikwH70guiQ4Ufsih3gy0ddsUwliUTtbYQyX0OBQoTUyaiXPy0Wu2FJfsxiW8X9Lu9pIH
KOwU9K76VKot+UikGqeFQsS/Ig==
=M+du
-----END PGP PUBLIC KEY BLOCK-----



Other related posts: