Secure file deletion

[Gas1]

Hello, I would like to know if there is any references regarding the so-called "NSA" overwrite and where information can be obtained on this method, if it even exists.

 

"The NSA does not approve overwrite as an effective method for sanitizing hard disk media" [Dave Federspiel, Data Security, Inc)1

 

 

 

And more so, "Dr Peter Gutmann of the University of Auckland (NZ) made an exhaustive study of hard drive media a few years back. His analysis of their encoding techniques became the basis of his approach to secure deletion. His research is today the 'industry standard' work on the subject.

 

Dr Gutmann is also quick to understand that 'MILITARY', 'NISPOM', 'DOD' and 'NSA' algorithms are at best just so much smoke-screening, and for precisely the reason cited above, and therefore focused his research on what he knew the DOD and the NSA had to focus on: actual physical recording technology characteristics."

 

"There is no such thing as 'DOD' or 'NSA' secure delete for hard drives. There never has been and there never will be. On this the DOD and the NSA are unequivocal: The only secure delete for permanent media such as computer hard drives is incineration. Companies boasting use of 'DOD-approved' or 'NSA-approved' methods are citing standards for something entirely different - volatile memory - a subtlety they don't bother telling you about - naturally.

 

What the DOD and NSA sometimes recommend is that memory - RAM chips - be overwritten several times with Mickey Mouse algorithms as an extra precaution. They are not so dumb as to recommend something so simple for hard drives. (For that matter, neither the DOD nor the NSA are so dumb as to tell you what secure delete algorithms they really use - think about it.)

 

The only reason you find the DOD and the NSA quoted is because

 

1. it sounds good; and

 

2. the programmers can't do any better.

 

Otherwise, it's a complete hoax. The only approved method for secure delete is the Gutmann method - a method so difficult to understand, and even more difficult to implement, that most companies don't dare try. But if you really need secure delete, it's the only way to go." Rixstep2

 

So what to do?

Is it really safe to trust the file deletion method?

 

The only approved NSA method for shredding is here http://www.machine-solution.com/product-shredder8-1834.html

[agumon]

basically, secure file deletion may not 100% remove the files...

[cde]

I can't argue with you on the basic facts here - security services will have plenty of tricks up their sleeves to retrieve data, but destroying a HD platter at extreme temperatures isn't convenient for most users as part of their PC maintenance schedule.

 

The issue here is more about software recovery tools, such as Norton's Unerase Wizard and other similar programs.

 

They have no trouble finding "deleted" files because no effort is made by Windows to get rid of file contents when we empty the trash, cache or whatever. So with little effort, people can have their deletions undone, which they might not be happy with.

 

By offering a simple overwrite of the disk space previously occupied, CC can at least make the recovery process harder than a couple of clicks. Different recovery apps may be able to find file names, dates, sizes, perhaps fragments of data from old versions of trashed docs, but as a gesture towards security I think secure wiping is commendable.

 

After all, Linux and Mac OSX offer secure erasing within the OS itself - would they bother if it had no use?

 

A good solution may be running Portable Firefox from inside a Truecrypt volume, which could also hold many files, or investing in PGP with whole disk encryption, but this would also seem like overkill for most users.

 

Now where did I leave that furnace?

[agumon]

u dont get what i am saying right...?

use or no use doesnt mean they can 100% remove the files...

[lokoike]

u dont get what i am saying right...?

use or no use doesnt mean they can 100% remove the files...

 

Actually, I think he did understand you. cde was simply telling Gas1 the purpose of CCleaner's secure file deletion. All he meant was that it is good enough to keep programs from accessing your old data, so in that sense, it is fairly secure. But of course, if someone has the opportunity to rip open your hard drive and try to physically extract data, there is little or no stopping that.

 

Interesting information, Gas1. I didn't realize that volatile memory could keep those ghost fragments of data the way an HD does. Never thought of secure erasing my RAM too!

[burtman]

[quote name='lokoike' date='Feb 27 2006, 02:57 PM' post='31546'I didn't realize that volatile memory could keep those ghost fragments of data the way an HD does. Never thought of secure erasing my RAM too!

 

 

10 minutes apparently lokoike.

Now don't quote me on that - I actually have no idea where I read that.

Actually, I'm thinking Eraser help files...

(harass the SWAT team a bit [about 10 mins] as they swoop)

[lokoike]

(harass the SWAT team a bit [about 10 mins] as they swoop)

I suppose I could manage that. Harassing seems to come fairly naturally to me...

 

So by ten minutes, did you mean that is how long RAM can hold a charge? Do you think there would be anyway to explain my RAM "accidently" ending up in my microwave, assuming that ten minutes is hard to come by? My fear was that my harassing may actually hasten their desire to put me out of commission...