data shredder
Amedee Van Gasse (ub)
amedee-ubuntu at amedee.be
Mon Dec 21 22:23:28 UTC 2009
On Mon, December 21, 2009 18:36, Kent Borg wrote:
> Gilles Gravier wrote:
>> The problem with these commands, is that you're not really helping...
>> Forensics tools will read below one or more levels of re-write.
>
> Yes, you are helping.
>
> Also, it depends on who you are worried about.
>
> If you are a normalish person who isn't in the sights of a motivated and
> well funded foe, a single pass of quality random data is going to be
> quite secure. Particularly if you layer it with some other discipline:
>
> 1. Run whole disk encryption, Ubuntu will do that for you (though I
> think you need to use the alternate install disc). Regularly wiping
> unused space inside an encrypted volume is going to make recovery a
> significant problem for anyone. Make sure your swap is also encrypted.
> Keep your computer physically secure: /boot will still be unencrypted so
> you need to trust that /boot hasn't been tampered with.
>
> 2. Use quality passwords (don't dream up something clever that you think
> is random, instead think up a password choosing *method*, something that
> incorporates actually random input and start flipping real coins). Make
> sure they are long enough. If someone casually watching you type your
> password doesn't make a funny face because it is so long--it isn't long
> enough.
>
> 3. Never reuse passwords you care about on different systems.
>
> 4. Never type important passwords on keyboards you don't trust and
> mostly don't trust many keyboards. Don't trust Bluetooth keyboards,
> don't trust keyboards on computers in hotels and airports and cyber
> cafes, don't trust your mother's computer, don't trust "your" computer
> at work, and don't trust computers running any Microsoft software.
>
> 5. Don't let untrusted software run on your computer. Stick to open
> source software (not Skype), use mainstream software that others will be
> worried about too, keep your installation minimal, never use proprietary
> device drivers, keep your software up to date. Spyware, spyware,
> spyware: If someone can get you to give away your passwords then all
> your other efforts are worthless. Assume all commercial software is
> spyware (what will company X do when asked by the feds for backdoor
> access?, particularly when some Patriot Act provision threatens them
> with jail for even sneezing wrong).
>
> 6. Write down your passwords. If you don't keep a list you can't both
> use quality passwords and never recycle them--it is impossible to
> remember that many quality passwords. Go ahead and encrypt the list, or
> use bad handwriting and do some mangling that will make it not so useful
> for someone who might find it. Keep a backup copy of the list so you can
> go change all your passwords if the primary list gets lost. Don't
> photocopy a physical list on a digital copier (and they all are digital
> these days), keep it up-to-date by hand.
>
> 7. Make sure your data backups are as secure as your working copy.
>
> 8. Figure out what I missed in these points that might apply in your
> situation: Think about all the weak links.
>
> Does that sound like an excessively paranoid list?
>
> Unless you cover all the other ways your data can get out, the least of
> your worries is some slow, laborious, and expensive magnetic microscopic
> reading through dozens or hundreds of gigabytes of overwritten data. I
> can't believe it is easy to recover old data on modern disks of dizzying
> data density. And you probably just aren't worth that kind of effort.
> Though you might be worth quietly installing a little software that
> records what you type on your keyboard, including your passwords. You
> might be worth forcing Google to give up your gmail password and forcing
> your bank to give up your online banking password and trying those
> passwords on your encrypted data.
>
>
> Figure out how paranoid you want to be, then think through all the
> implications. (A fancy lock on your front door doesn't mean much alone,
> consider all the other ways into your house.) Don't fixate on one little
> technology, or you risk having your foes just step around it.
>
>
> -kb, the Kent who recently wrote a much faster yet simple random number
> generator in Python* specifically so wiping empty space will be practical.
>
>
> * No, I didn't write any cryptographic primitives, mostly no one
> slightly normal ever should, instead I combined /dev/urandom with
> AES-256 encryption and a high resolution timestamp to pump out random
> data much faster than /dev/urandom or /dev/random, yet it should be damn
> high quality--that is if AES-256 and /dev/urandom are secure, and if I
> didn't do anything stupid.
You're so much better with words than I am!
--
Amedee
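
The footnote in the quoted message describes seeding from /dev/urandom plus a high-resolution timestamp and expanding that seed into a fast random stream for wiping free space. The block below is an added example of that design, not Kent Borg's code: Python's standard library has no AES, so SHAKE-256 in counter mode stands in for AES-256, and the names `random_stream`, `fill_with_random` and `CHUNK` are hypothetical.

```python
import errno
import hashlib
import os
import time

CHUNK = 1 << 20  # bytes produced per expansion step (hypothetical choice)


def random_stream(seed=None, stamp=None):
    """Yield CHUNK-byte blocks of pseudo-random data, indefinitely."""
    # Seed material as in the footnote: kernel CSPRNG output plus a
    # high-resolution timestamp. Arguments exist only to make tests repeatable.
    seed = os.urandom(32) if seed is None else seed
    stamp = time.time_ns() if stamp is None else stamp
    key = hashlib.sha256(seed + stamp.to_bytes(16, "big")).digest()
    counter = 0
    while True:
        # Counter-mode expansion: block i = SHAKE-256(key || i).
        # Assumption: SHAKE-256 stands in for the AES-256 of the original.
        block_input = key + counter.to_bytes(16, "big")
        yield hashlib.shake_256(block_input).digest(CHUNK)
        counter += 1


def fill_with_random(path, limit=None):
    """Write the stream to path until limit bytes or disk full; return bytes written."""
    written = 0
    # buffering=0 so write() reports what actually reached the file.
    with open(path, "wb", buffering=0) as out:
        for block in random_stream():
            if limit is not None:
                block = block[: limit - written]
                if not block:
                    break
            try:
                written += out.write(block)
            except OSError as exc:
                if exc.errno != errno.ENOSPC:
                    raise
                break  # disk full: the free space is now covered
        os.fsync(out.fileno())  # force the data out of the page cache
    return written
```

Call `fill_with_random` with a path on the filesystem to be wiped and delete the file afterwards to release the space. On SSDs and copy-on-write filesystems, filling free space does not guarantee that the old blocks are overwritten.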