Keylogger

[Xen]

Colin Watson schreef op 03-12-2017 1:55:
> On Sun, Dec 03, 2017 at 08:49:22AM +0900, Joel Rees wrote:
>> If you are doing things that your local version of the NSA has 
>> interest in
>> (or your local organized crime guys), for the cost of a scanning 
>> electron
>> microscope and a bit of time, all sorts of things are recoverable.
> 
> Do you have a citation for a case where this has in fact been done 
> after
> a single straightforward pass of overwriting with (e.g.) zeroes?  This
> idea has been wandering around for a long time, but it often seems to
> resist substantiation.
> 
> https://www.nber.org/sys-admin/overwritten-data-gutmann.html and
> http://www.infosecisland.com/blogview/16130-The-Urban-Legend-of-Multipass-Hard-Disk-Overwrite.html
> (aside from the annoying popup in the latter case) look like plausible
> rebuttals.

Shred by default overwrites something like 20-30 times.

"At worst, they are a waste of time and electricity."

I was installing Debian the other day on some system. The "secure erase" 
option probably used shred in its default state.

This meant that instead of taking 10 minutes to clear a 50GB partition, 
it would probably have taken hours.

This is what I mean with "misjudgement of priorities".

I had to manually go into a shell that at first I had forgotten how to 
activate,

and issue a manual dd if=/dev/zero command to 2 partitions.

For no other reason than that paranoid people want me to take several 
hours clearing a rather smallish partition.

The same paranoia underlies the gygantum VeraCrypt iteration design that 
asks people to wait 30 seconds for every password attempt.

This misjudgement of priorities renders Linux unusable.