Security Basics mailing list archives
Re: Fash cards sanitization from Nokia Symbian and WM5/6
From: gjgowey () tmo blackberry net
Date: Fri, 28 Sep 2007 22:50:29 +0000
Fouo and below is what you're referencing. That's a universal policy for anything that's connected to niprnet (the internet). Siprnet is where all the classified stuff goes through and that is an entirely separate, segregated network (dism) that has computers that are not dual-connected on it and the connections are all encrypted. Depending on the installation, unit, etc. there maybe one system with siprnet access or there may be none. Geoff Sent from my BlackBerry wireless handheld. -----Original Message----- From: Ryan Chow <rynchow () gmail com> Date: Sat, 29 Sep 2007 08:43:55 To:"gjgowey () tmo blackberry net" <gjgowey () tmo blackberry net> Cc:Luis Lopez Sanchez <luis.lopez () atosorigin com>,"listbounce () securityfocus com" <listbounce () securityfocus com>,"security-basics () lists securityfocus com" <security-basics () lists securityfocus com> Subject: Re: Fash cards sanitization from Nokia Symbian and WM5/6 In the case of blackberries it should be noted that only the lowest security classified information is allowed to be accessed. This is the case in Australia for government use. For that level of assurance the blackberry provides sufficent data security. The best advice i have would be to contact the manufacturer and ask what their internal wiping process does unless you have access to your own facilities to conduct this type of evaluation. And then run this process many times to achieve a wipe. - ryan, Sent from my iPhone. On Sep 29, 2007, at 7:53 AM, gjgowey () tmo blackberry net wrote:
Be careful. If it's a GSM phone it might not be storing messages and all other info necessarilly to the card. My blackberry here stores to internal device memory by default and not the card. I guess that's so if I do a reset the info is definitely destroyed (btw- blackberry's are used by DoD so I think that's enough assurance for me that this device is sufficiently secure in its data protection). Geoff Sent from my BlackBerry wireless handheld. -----Original Message----- From: Ryan Chow <rynchow () gmail com> Date: Sat, 29 Sep 2007 07:46:31 To:Luis Lopez Sanchez <luis.lopez () atosorigin com> Cc:"gjgowey () tmo blackberry net" <gjgowey () tmo blackberry net>,"listbounce () securityfocus com " <listbounce () securityfocus com>,"security-basics () lists securityfocus com " <security-basics () lists securityfocus com> Subject: Re: Fash cards sanitization from Nokia Symbian and WM5/6 Hello, From what I understand you are looking for a software application on a WM5/6 and Symbian mobile device that wipes external flash memory attached to the device? When looking for products with this type of functionality I always have a look at the Common Criteria Portal to ensure that the product has been through an evaluation process and is suitable for government use. If the data is sensitive why not destroy it as you can just remove the flash card. - ryan, Sent from my iPhone. On Sep 28, 2007, at 6:52 PM, Luis Lopez Sanchez <luis.lopez () atosorigin comwrote:Hi Geoff, Thank you very much for clarify me this matter, I'm not very familiarized with solid state memories yet, until now I've been working with hard disks sanitization only ... But I can understand your explanation and their physical considerations. Please, let me drop the question again, I would need some tool for WM5/6 and Symbian to carry out a DoD wiping for external flash ... Do you know anyone to use from mobile devices directly? I know that performing a 'Hard Reset' it would get a internal flash wipe but how I can wipe securely the external flash from the itself mobile device. Thanks in advance, Regards, -- Luislo http://luislo.blogspot.com "I speak for myself not Atos Origin"-----Original Message----- From: gjgowey () tmo blackberry net [mailto:gjgowey () tmo blackberry net] Sent: jueves, 27 de septiembre de 2007 19:11 To: Luis Lopez Sanchez; listbounce () securityfocus com; security-basics () lists securityfocus com Subject: Re: Fash cards sanitization from Nokia Symbian and WM5/6 Why would you need gutman to sanitize a flash card? Gutman is written specifically for taking the inaccuracies of writing to magnetic media into account. Flash cards don't suffer from those problems and all you're likely to do is make them burn out faster. I wouldn't do anything more than a regular dod wipe on flash cards and even that is overkill. Geoff Sent from my BlackBerry wireless handheld. -----Original Message----- From: Luis Lopez Sanchez <luis.lopez () atosorigin com> Date: Thu, 27 Sep 2007 18:19:23 To:security-basics () lists securityfocus com Subject: Fash cards sanitization from Nokia Symbian and WM5/6 Hi All, I wonder if exist some application to write different sanitization patterns to removable flash cards (such as SD cards) for to use from the mobile device itself, no using PC or other computers with flash cards reader. I have been googling sometimes for this recurrent matter with no successful. I'd like to know if somebody know some app to apply the Guttman method (yeah! Of course, I know this is a any obsolete method but to me it would be enough to start) to SD and micro-SD flash cards from Windows Mobile 5/6 and Nokia w/ Symbian 80 3rd ed. based hardware platforms (such as HTC/QTEK for WM and N*/E* Nokia Series). I am searching for a system to wipe or sanitize flash cards directly from the two mobile operating systems based platforms. From a PC with a simple flash reader reader all is easy, but from a mobile device is not so much... ¿Any idea? PS: I think that something like 'dd' GNU tool for WM or Symbian could be useful as a first approach, but I haven't time to port it (and I don't know if I would be able to carry out it!). Many thanks in advance. Best Regards, -- Luislo http://luislo.blogspot.com "I speak for myself not Atos Origin" ------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos Origin group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente. Pueden estar protegidos por secreto profesional Si usted recibe este correo electronico por error, gracias de informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos Origin no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos Origin, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus ------------------------------------------------------------------------------------------------------------------------------------ This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e- mail in error, please notify the sender immediately and destroy it. As its integrity cannot be secured on the Internet, the Atos Origin group liability cannot be triggered for the message content. Although the sender endeavours to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted. Este mensaje y los ficheros adjuntos pueden contener informacion confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente. Pueden estar protegidos por secreto profesional Si usted recibe este correo electronico por error, gracias de informar inmediatamente al remitente y destruir el mensaje. Al no estar asegurada la integridad de este mensaje sobre la red, Atos Origin no se hace responsable por su contenido. Su contenido no constituye ningun compromiso para el grupo Atos Origin, salvo ratificacion escrita por ambas partes. Aunque se esfuerza al maximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no sera responsable de cualesquiera danos que puedan resultar de una transmision de virus ------------------------------------------------------------------
Current thread:
- Fash cards sanitization from Nokia Symbian and WM5/6 Luis Lopez Sanchez (Sep 27)
- Re: Fash cards sanitization from Nokia Symbian and WM5/6 gjgowey (Sep 27)
- RE: Fash cards sanitization from Nokia Symbian and WM5/6 Luis Lopez Sanchez (Sep 28)
- <Possible follow-ups>
- Re: Fash cards sanitization from Nokia Symbian and WM5/6 Ryan Chow (Sep 28)
- Re: Fash cards sanitization from Nokia Symbian and WM5/6 gjgowey (Sep 28)
- Re: Fash cards sanitization from Nokia Symbian and WM5/6 Ryan Chow (Sep 28)
- Re: Fash cards sanitization from Nokia Symbian and WM5/6 gjgowey (Sep 29)
- Re: Fash cards sanitization from Nokia Symbian and WM5/6 gjgowey (Sep 28)
- Re: Fash cards sanitization from Nokia Symbian and WM5/6 gjgowey (Sep 27)