Full Disclosure mailing list archives
Re: Disk wiping -- An alternate approach?
From: T Biehn <tbiehn () gmail com>
Date: Wed, 27 Jan 2010 11:38:47 -0500
Bipin. I am familiar with LUKS (DMCRYPT), SecurStar's DCPP, TrueCrypt, PGP Desktop, Windows EFS and all manners of configurations of those products, including the hidden container features of DCPP and TC. I am familiar with computer forensics, computer forensic methods, and anti-forensics. Furthermore I have working knowledge of the various one-way hashes, symmetric and asymmetric encryption algorithms. Working knowledge of the various block-cipher modes and what the differences are between them.
From firsthand experience with the courts I am familiar with their
tool dependence and what they can and cannot grab and why.
From simple logic it is plain to see that filling a drive with content
from wikipedia, some n-gram algorithm or other source would be worthless. A waste of time and effort. This is because a drive full of zeros, a drive full of random bits and a drive full of random word garbage are equivalent. Some obfuscating filesystem that does -not- use encryption is as worthless as a generic F-S. If the content on your drive is worth grabbing the investigating authorities can and will reverse engineer it. As everyone has told you, encrypt with a FDE product from the start or simply wipe your drive to nulls or garbage. If you are very paranoid use my solution of a hidden container containing a VM that you use for anything 'private.' Make sure your host OS has a ream of malware running on it preferably pointed to non-existent C&C channels, or using PKI where which nobody has the private key. -Travis On Wed, Jan 27, 2010 at 11:18 AM, Bipin Gautam <bipin.gautam () gmail com> wrote:
Really? How much do you know of computer forensics? Care to Double clicked a few forensic tools first............ I bring up this issue here because as you can see the laws are different in different country and at places just "possession" of a questionable content is a crime, without much analysis from where did it come from. Such a logic doesnt hold much water from a technical prospective, that is what i was trying to discuss. (but you were so much concerned about my english lol ) We were talking on a NEW topic, But if truecrypt is all you know, then download truecrypt and add a "custom cascade of ciphers" to your truecrypt source code... so that your truecrypt hidden volume will be very hard to bruteforced with off the self tools (which is what most forensic examiners do, they are tool dependent)..... (i wish to make fun of you, but maybe another email! ;) -bipin On 1/27/10, T Biehn <tbiehn () gmail com> wrote:You made the argument against youself; apparently you didn't comprehend the points made in 90% of the on-topic responces to this thread. On Jan 27, 2010 9:34 AM, "Bipin Gautam" <bipin.gautam () gmail com> wrote: McGhee & T Biehn ! Thankyou for putting up your "best" argument.... sadly that is the BEST technical thing you happen to pick............. in this topic to comment about........ -bipin On 1/27/10, McGhee, Eddie <Eddie.McGhee () ncr com> wrote: > and also lol @ maybe USELESS, try making ...<bipin.gautam () gmail com<mailto:bipin.gautam () gmail com>> wrote: > > Enoughnoise, Lets wrap up: > >...
-- FD1D E574 6CAB 2FAF 2921 F22E B8B7 9D0D 99FF A73C http://pgp.mit.edu:11371/pks/lookup?search=tbiehn&op=index&fingerprint=on http://pastebin.com/f6fd606da _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Disk wiping -- An alternate approach?, (continued)
- Re: Disk wiping -- An alternate approach? Kurt Buff (Jan 26)
- Re: Disk wiping -- An alternate approach? Michael Holstein (Jan 26)
- Re: Disk wiping -- An alternate approach? Kurt Buff (Jan 26)
- Re: Disk wiping -- An alternate approach? Bipin Gautam (Jan 26)
- Re: Disk wiping -- An alternate approach? T Biehn (Jan 27)
- Re: Disk wiping -- An alternate approach? McGhee, Eddie (Jan 27)
- Re: Disk wiping -- An alternate approach? Bipin Gautam (Jan 27)
- Message not available
- Re: Disk wiping -- An alternate approach? T Biehn (Jan 27)
- Re: Disk wiping -- An alternate approach? Bipin Gautam (Jan 27)
- Re: Disk wiping -- An alternate approach? Christian Sciberras (Jan 27)
- Re: Disk wiping -- An alternate approach? T Biehn (Jan 27)
- Re: Disk wiping -- An alternate approach? Michael Holstein (Jan 27)
- Re: Disk wiping -- An alternate approach? Thor (Hammer of God) (Jan 27)
- Re: Disk wiping -- An alternate approach? Bipin Gautam (Jan 27)
- Re: Disk wiping -- An alternate approach? Rohit Patnaik (Jan 27)
- Re: Disk wiping -- An alternate approach? T Biehn (Jan 26)
- Re: Disk wiping -- An alternate approach? E. Prom (Jan 25)
- Re: Disk wiping -- An alternate approach? Bipin Gautam (Jan 25)
- Re: Disk wiping -- An alternate approach? Thor (Hammer of God) (Jan 25)
- Re: Disk wiping -- An alternate approach? Rohit Patnaik (Jan 25)
- Re: Disk wiping -- An alternate approach? Bipin Gautam (Jan 25)