ALHOLK Posted December 19, 2001

Hi! db_sed_aloha

There is a serious flaw in your 'autoexec.bat' scheme. If you turn off your computer and leave it, anyone can boot it from a floppy or CD and avoid running the resident startup files. Also the 'deltree' command just marks the files as deleted, same as the 'delete' command. The files can easily still be restored until they are overwritten. Anyone snooping can do this, be it resourceful law enforcement or a computer-literate wife/gf. Rest assured that any teenager with basic computer knowledge can do it.

As for destroying the disc physically being the only secure way to destroy the information, I don't think this is true any more. Fifteen years ago field service were not allowed to remove disc packs from Swedish military installations. If they couldn't repair them on site the disc packs were smashed with sledge hammers. Today I think they just erase them. On the web site you mentioned there is a link to a Usenix paper titled "Secure Deletion of Data from Magnetic and Solid-State Memory" that is quite interesting. As always the security level should be adapted to the level of the anticipated threat.

tyler durden

quote: isn't there a one click program that'll do all that?

The programs I mentioned, 'Evidence Eliminator' and 'Windows Washer', do precisely that.

regards ALHOLK
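What "just marks the files as deleted" means on a FAT volume, as an added example that is not part of the original post: a delete replaces the first byte of the file's 32-byte directory entry with 0xE5 and leaves the data clusters alone. The one-file volume below is constructed for illustration (512-byte clusters, a contiguous file, no FAT table modelled), and all function names are hypothetical.

```python
import struct

CLUSTER = 512     # assumed cluster size for this constructed volume
DELETED = 0xE5    # marker FAT writes over the first name byte on delete

def make_entry(name, ext, first_cluster, size):
    """Build a 32-byte FAT short (8.3) directory entry."""
    raw = bytearray(32)
    raw[0:8] = name.ljust(8).encode("ascii")
    raw[8:11] = ext.ljust(3).encode("ascii")
    raw[11] = 0x20                                  # archive attribute
    struct.pack_into("<H", raw, 26, first_cluster)  # first cluster (low word)
    struct.pack_into("<I", raw, 28, size)           # file size in bytes
    return raw

def extent(entry):
    """Byte offset and length of the file inside the data area."""
    cluster, = struct.unpack_from("<H", entry, 26)
    size, = struct.unpack_from("<I", entry, 28)
    return (cluster - 2) * CLUSTER, size            # data area starts at cluster 2

def delete(entry):
    """Plain delete: flag the entry, touch nothing else."""
    entry[0] = DELETED

def wipe_then_delete(entry, data_area):
    """Overwrite the file's bytes with zeros, then flag the entry."""
    start, size = extent(entry)
    data_area[start:start + size] = bytes(size)
    delete(entry)

def recover(entry, data_area):
    """Read back whatever a deleted entry still points at."""
    if entry[0] != DELETED:
        return None
    start, size = extent(entry)
    name = "?" + entry[1:8].decode("ascii").rstrip()  # first letter is lost
    ext = entry[8:11].decode("ascii").rstrip()
    return f"{name}.{ext}", bytes(data_area[start:start + size])

def demo(wipe):
    secret = b"browser history: constructed sample content"
    data_area = bytearray(4 * CLUSTER)
    data_area[CLUSTER:CLUSTER + len(secret)] = secret  # file sits in cluster 3
    entry = make_entry("HISTORY", "DAT", 3, len(secret))
    if wipe:
        wipe_then_delete(entry, data_area)
    else:
        delete(entry)
    return recover(entry, data_area)
```

`demo(False)` returns the original bytes under the name `?ISTORY.DAT`, while `demo(True)` returns only zeros for the same entry.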
adikgede Posted December 19, 2001

My two cents on security:

It's one thing to sanitize your PC, but don't forget that this in no way ensures that there is not a packet filter somewhere on your LAN or that your ISP is not monitoring logs. Unless you are encrypting e-mail, using https, or some kind of tunneling protocol, day to day much of what you say is passing over the net as plain text. When I was in school we were all given our own IP numbers (even for dial-up accounts) and you could find out a lot about your classmates by filtering IP numbers against access logs which were publicly accessible.

In my own mind the best form of security is to maintain virtual identities and take pains to ensure that this never gets superimposed with your carbon image, which means don't fuck off at work. I've read the most insane stuff off of backed-up mail spools months after you discarded the message. The funniest thing that ever happened to me was when a woman claimed that the glass in her scanner broke because the lamp got too hot. When I swapped her out and set up the new scanner, to our mutual surprise there was an impression of her fanny (both) in the preview window. Needless to say I didn't file an employee negligence report. The point being you really have to be diligent in cleaning up after yourself, and sometimes that's not enough because you can't control all the computers that you touch if they are networked.

Getting back to keeping a clean workstation, you might consider these alternatives:

1. SuSE Linux 7.2 and greater offer the option of using an encrypted file system. So in the event that someone is able to mount your drive they would still have to decrypt it. Remember that you could be compelled by law or worse to unlock encrypted files. The only way around this is with a steganographic file system where encrypted files are hidden in other files or appear as random data.

2. A bootable CD with a live file system. I think you can do this with Windows, try searching "bootable+cd-rom." Linuxcare made a bootable CD that fits on a credit card size/shaped CD. It is really a wonderful little distro. It has a gooey desktop with Mozilla 0.81 and can use the vast majority of ethernet cards and probably any hardware modem. I keep a copy in my suitcase. If you should be interested in trying it out, look for version 1.6, as the latest version (2.0) doesn't have the module/driver for Realtek-based ethernet cards.

Adik Gede
ALHOLK Posted December 19, 2001

Hi! Adik Gede

Everything you say is true but I don't think the original poster was trying to conceal information from the FBI or the NSA. I think it was more about hiding your tracks from snooping wives/girlfriends and bosses. Concealing information from law enforcement is a completely different ball game. At the least very difficult and if they decide to tap into your internet connection albeit impossible.

I too am an IT professional, like I suspect that you are, but bear in mind that Linux is not an easy system for a novice to use. I started using Unix in the mid 80's and I still have to read the manual to configure a system.

regards ALHOLK
Guest Posted December 20, 2001

Post deleted by DoxyBlue

Guest Posted December 20, 2001

Post deleted by DoxyBlue
ALHOLK Posted December 20, 2001

Hi! Adik Gede

Restarting before shutting down would do the trick of course, but is easy to forget if you are in a hurry.

quote: It takes surprisingly long to run 35 passes on a 9 Gig drive.

Tell me about it. I have 80 gigs on my home computer. If I want to erase file slack or unused space I will start it in the morning before I go to work.

regards ALHOLK
adikgede Posted December 20, 2001

quote: Hi Adik Gede Everything you say is true but I don't think the original poster was trying to conceal information from the FBI or the NSA. I think it was more about hiding your tracks from snooping wives/girlfriends and bosses. Concealing information from law enforcement is a completely different ball game. At the least very difficult and if they decide to tap into your internet connection albeit impossible. I too am an IT professional, like I suspect that you are, but bear in mind that Linux is not an easy system for a novice to use. I started using Unix in the mid 80's and I still have to read the manual to configure a system. regards ALHOLK

I couldn't agree with you more as to your first point. I am sure that clearing your history and cache before you quit IE is more than adequate in most cases. My remarks were meant, rather, to address db's rather elaborate instructions to sanitize a DOS workstation. Furthermore I hope anyone doing something illegal gets caught. If the FBI or NSA is interested in you they could certainly manufacture any evidence that an unfortunate suspect failed to provide.

As to your last point, I am paid to use a computer from time to time, but hardly a professional. I came to Linux from nearly ten years on a Mac; I just wanted a computer that didn't crash. Linux really isn't hard for a novice. In fact, if one is installing an OS from scratch I am certain that Linux installation is easier than MS Windows, if we are talking about the most popular distributions outside of Slackware and Debian. In terms of ease of use, if the OS is already installed I doubt a novice using the KDE gooey would notice they are using Linux/Unix. It is more likely that the experienced user would miss a lot of the commercial software they are accustomed to.

The Linuxcare bootable business card that I mentioned is very easy to use for a novice. Once they have gone through the routine a few times I am certain that you could be browsing the internet in less time than it would take to clean up a public workstation. The important difference being that with the live CD you have to do the hard work before you get started, and with a public workstation you have to do the hard work before you leave. I suspect that the latter is more prone to accidents.
Guest Posted December 20, 2001

There has just been a case where this pedo where I live has been sent down for a year. Not because he had illegal photos on his machine but they found traces of the sites visited and what had been viewed! This is a landmark case, as in the UK if you have even accidentally surfed to these sites (I knew him and I am sure it wasn't accidental) you can be convicted of creating an obscene photo. Since in non-technical terms this is akin to someone posting you a letter which you receive and open to find porn. I expect that this will be reversed in a higher court.
elef Posted December 20, 2001

Hi,

overwriting one time is not enough - up to 3 layers of magnetic information can be identified on the hard disk. In the 80's I remember Pentagon demanded that erase programs should overwrite deleted files 50 times with nonsense information.

elef
khunsanuk Posted December 20, 2001

Hi,

"Cookie management programs, I dunno. I get just as much functionality from what's built into IE6."

Still using IE5.0. Have not bothered yet to download 6.0, it's what? 17Mb? Takes quite a while at 56K.

"But there's still the big problem of site names being stored. Any program that remembers "always accept" or "always deny" is creating a record of those sites somewhere."

Hmm, good point. They are stored on my machine though, and I am not really that worried about people finding out stuff from my machine. If anybody would ever get that close (being able to trace me from the web to my home), I don't think stuff like this would matter much.

Sanuk!
This topic is now archived and is closed to further replies.