Full Disclosure mailing list archives

Re: Disk wiping -- An alternate approach?

From: T Biehn <tbiehn () gmail com>
Date: Tue, 26 Jan 2010 11:10:29 -0500

Oh yeah, another note: If you use a chaining block cipher than you
only need to wipe the first block to make the rest of your data
unrecoverable. Most FDE's actually use a pw to decrypt the actual
decryption key, that block functions much the same, if you can wipe
that then the rest of the data is unusable.
Note, anyone who has pulled your key from memory via trojan or other
means at an earlier time will be able to recover your data unless the
first block of the stream has been wiped. This might be common
practice in sneak and peek routines.

-Travis

On Tue, Jan 26, 2010 at 11:04 AM, Christian Sciberras <uuf6429 () gmail com> wrote:

I was thinking, since all this (reasonable) fuss on wiping a disk over 10
times to ensure non-readability, how come we're yet very limited on space
usage?
If, for example, I overwrote a bitmap file with a text one, what stops the
computer from recovering/storing both (without using additional space)?
Just a couple curiosities of mine.





On Tue, Jan 26, 2010 at 4:08 PM, Michael Holstein
<michael.holstein () csuohio edu> wrote:

By the way, does somebody knows about the flash memory?
Is zeroing a whole usb key enough to make the data unrecoverable?


No, wear-leveling (done at the memory controller level) will dynamically
re-map addresses on the actual flash chip to ensure a relatively
consistent number of write cycles across the entire drive.

The only way to completely "wipe" a flash disk is with a hammer.

Regards,

Michael Holstein
Cleveland State University

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/




-- 
FD1D E574 6CAB 2FAF 2921  F22E B8B7 9D0D 99FF A73C
http://pgp.mit.edu:11371/pks/lookup?search=tbiehn&op=index&fingerprint=on
http://pastebin.com/f6fd606da

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Re: Disk wiping -- An alternate approach?, (continued)
- - - Re: Disk wiping -- An alternate approach? Bipin Gautam (Jan 25)
    - Re: Disk wiping -- An alternate approach? Thor (Hammer of God) (Jan 25)
    - Re: Disk wiping -- An alternate approach? Rohit Patnaik (Jan 25)
    - Re: Disk wiping -- An alternate approach? Bipin Gautam (Jan 25)
    - Re: Disk wiping -- An alternate approach? Bipin Gautam (Jan 25)
    - Re: Disk wiping -- An alternate approach? Tracy Reed (Jan 25)
    - Re: Disk wiping -- An alternate approach? E. Prom (Jan 25)
    - Re: Disk wiping -- An alternate approach? Bipin Gautam (Jan 25)
    - Re: Disk wiping -- An alternate approach? Michael Holstein (Jan 26)
    - Re: Disk wiping -- An alternate approach? Christian Sciberras (Jan 26)
    - Re: Disk wiping -- An alternate approach? T Biehn (Jan 26)
    - Re: Disk wiping -- An alternate approach? T Biehn (Jan 26)
    - Re: Disk wiping -- An alternate approach? Christian Sciberras (Jan 26)
    - Re: Disk wiping -- An alternate approach? T Biehn (Jan 26)
    - Re: Disk wiping -- An alternate approach? Valdis . Kletnieks (Jan 26)
    - Re: Disk wiping -- An alternate approach? T Biehn (Jan 26)
    - Re: Disk wiping -- An alternate approach? T Biehn (Jan 26)
    - Re: Disk wiping -- An alternate approach? E. Prom (Jan 26)
    - Re: Disk wiping -- An alternate approach? Stefan Weimar (Jan 26)
    - Message not available
    - Re: Disk wiping -- An alternate approach? Michael Holstein (Jan 26)
    - Re: Disk wiping -- An alternate approach? Michael Holstein (Jan 26)