RE: Passphrase and swapfile (David Picón Álvarez)

Steve Butler sbutler@fchn.com
Fri Jun 7 21:44:03 2002 

Sorry, the same article talked about the magnetic flux left floating on RAM.
It's not as reliable and seems to be based on the length of time the value
remained in memory before shut down.

In the mid '70s there were rumors that the US government considered hard
drives on which classified information had been stored to continue to be
classified devices even after:
1.  Randomly written longitudinally.
2.  Randomly written transversely.
3.  Burned.
4.  Beaten to pulp.
5.  Buried in a dump for classified materials (highly secured).

They considered the data still vulnerable after taking all 5 steps.  Looks
like they were right.

On the other hand, this group has always said that when you give up physical
security of your computer you should consider everything to be compromised.

--Steve
Wondering when they'll be able to read the brain waves and pick off the last
10 layers of thought.

-----Original Message-----
From: Adrian 'Dagurashibanipal' von Bidder [mailto:avbidder@fortytwo.ch]
Sent: Friday, June 07, 2002 12:03 AM
To: gnupg-users@gnupg.org
Subject: RE: Passphrase and swapfile (David Picón Álvarez)


On Thu, 2002-06-06 at 17:18, Steve Butler wrote:
> In a recent article I read the authors showed that even overwriting =
does
> not prevent a well financed and determined group from picking off the
> last 4-5 layers.  It has to do with the stray magnetic fields and the
> heads not being exactly (down to the atom) positioned the same for =
each
> write.  In fact, that technology is used by some data recovery
> companies to pick off data one layer back.  So, even if it has been
> "properly" erased, somebody, with the right set of tools, can read it.

Yo!

When you begin to worry about such things, you'd better
 - destroy the discs physically
 - use only non-battery backed solid state disks

(at least I've never heard of anybody recovering data from a unplugged
DRAM, so I'd assume this would be really safe: install your system to
this disk, as soon as the attacker comes, pull the plug...)

cheers
-- vbi



-- 
secure email with gpg            avbidder@fortytwo.ch: key id 0x92082481
                                 avbidder@acter.ch:    key id 0x5E4B731F



CONFIDENTIALITY NOTICE:  This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information.  Any unauthorized review, use, disclosure or distribution is prohibited.  If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.