Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Disk wiping -- An alternate approach?
From: T Biehn <tbiehn () gmail com>
Date: Tue, 26 Jan 2010 11:10:29 -0500

Oh yeah, another note: If you use a chaining block cipher than you
only need to wipe the first block to make the rest of your data
unrecoverable. Most FDE's actually use a pw to decrypt the actual
decryption key, that block functions much the same, if you can wipe
that then the rest of the data is unusable.
Note, anyone who has pulled your key from memory via trojan or other
means at an earlier time will be able to recover your data unless the
first block of the stream has been wiped. This might be common
practice in sneak and peek routines.

-Travis

On Tue, Jan 26, 2010 at 11:04 AM, Christian Sciberras <uuf6429 () gmail com> wrote:
I was thinking, since all this (reasonable) fuss on wiping a disk over 10
times to ensure non-readability, how come we're yet very limited on space
usage?
If, for example, I overwrote a bitmap file with a text one, what stops the
computer from recovering/storing both (without using additional space)?
Just a couple curiosities of mine.





On Tue, Jan 26, 2010 at 4:08 PM, Michael Holstein
<michael.holstein () csuohio edu> wrote:

By the way, does somebody knows about the flash memory?
Is zeroing a whole usb key enough to make the data unrecoverable?


No, wear-leveling (done at the memory controller level) will dynamically
re-map addresses on the actual flash chip to ensure a relatively
consistent number of write cycles across the entire drive.

The only way to completely "wipe" a flash disk is with a hammer.

Regards,

Michael Holstein
Cleveland State University

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/




-- 
FD1D E574 6CAB 2FAF 2921  F22E B8B7 9D0D 99FF A73C
http://pgp.mit.edu:11371/pks/lookup?search=tbiehn&op=index&fingerprint=on
http://pastebin.com/f6fd606da

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault