In a previous post I wrote about disk wiping tools. If you haven’t read that article, I suggest reading it before reading this one. Also, this article is written with the assumption that the reader has a fair amount of technical knowledge.
The reasons for wanting to wipe a hard disk drive are many:
- You might expect a visit by NSA-SCS.
- You might suspect a rootkit infestation.
- You might wish to sell your old computer or throw it away and you don’t want your anyone else to get a hold of your private data 1).
- Same as above, only for companies, hospitals, law firms or anyone else with legal obligation to prevent the spreading of sensitive data.
- You’re simply paranoid.
Whatever your reasons are, you need to make sure that the data that used to be on your hard drive are gone, hence the need for a disk wiping tool.
But as mentioned in my previous post, wiping tools – that is; block erase wiping tools (BEWTs) – have certain limitations:
- Hidden data areas (HPA/DCO) might not be wiped, possibly leaving rootkits in place (although probably non-functional).
- Blocks marked as bad by the hard drive itself are not wiped (blocks marked as bad by the operating system only will be wiped). This information is possible to recover using exotic forensic techniques 2).
In addition to these two previously mentioned limitations, the following apply:
- When data is overwritten (block erased), the old data on the hard drives might leave magnetic information on off-track areas of the hard drive. BEWTs have no way of erasing this off-track information. This information is theoretically possible to recover using exotic forensict techniques. 3)
- On modern, high-capacity drives, multiple overwrites are no more effective than a single overwrite. 4)
- BEWTs are suseptible to malware attacks. 5)
- Using BEWTs takes time. Following the old DoD 5220.22-M directive of 3 consecutive wipes might take as much as 24 hours on a 250GB disk. BEWTs can exceed the DoD standard and wipe a drive as many as 35 times, leaving the computer used for wiping non-operational for weeks.
- When you’ve run a BEWT, you have little posibility of verifying that a complete wipe has taken place; that all user accessible areas has been wiped. You’ll have to rely on the information that the BEWT gives you.
Enter Security Erase
Lately there’s been some hype about the relatively new ATA command addition called Secure Erase (part of the ATA Security Feature Set), from now on refered to as “ATA-SE”. ATA-SE is an ATA command (SECURITY ERASE UNIT) built into hard drive firmware that, if executed, orders the hard disk drive to wipe itself. Using software similar to BEWTs (boot disk with an ATA command program) you can trigger this built-in function, wiping your hard drive. Alternatively, you can use the same program to simply lock the hard drive rendering it useless, so that only a wipe (or providing the correct password) can unlock the drive to make it usable again 6). If you have a disk drive produced 2001 or later (with a capacity of 15GB or higher) there’s a 99% chance that your hard drive implements ATA-SE.
But what’s the hype about?
Relax, this hasn’t turned into a religious blog, I’m simply drawing a parallel to one of the best data recovery companies out there, Norwegian Ibas. Ibas are experts on recovering lost or hidden data. And it’s amazing how often they succeed. Take a look at this charred wreck of a burnt PC1):
On this particular PC 100% data was recovered.
What’s this got to do with you, you ask? Or with Gawd, for that matter?
Well, if you have sensitive data that you do not want anyone to find, let alone be able to read then companies like Ibas (or NSA, for that matter) are your worst nightmare. If the data has ever been stored on your computer these guys can probably find it. Pressing “Delete”, formatting the disk or using “fdisk” or similar tools will NOT do the job. If you have data that you want to get rid of, you need something serious.
Hence the God analogy - Ibas know how to treat the data so that they themselves cannot recover it. Enter: ExpertEraser
The Electronic Privacy Information Center (EPIC) is an independent non-profit public interest research center. They work on privacy issues, open government, free speech, and other important topics related to civil liberties.
If you’re not already a supporter, you might consider becoming one.
Anyway, today’s blog post is about their list of privacy tools. It’s certainly not a complete list, and they’re not doing anyone any favor listing Skype under “Voice Privacy” and “Secure Instant Messaging” (since Skype is Eviltm), but the list is a great compilation of good tools.
Check it out here: http://www.epic.org/privacy/tools.html
Do you like the Google search engine? Yeah? I do too. In fact, I LOVE Google, and basically don’t use any other search engine. Why would I? Google gives great search hits, it’s fast and has that lean, efficient interface that doesn’t get in the way of my searching for information.
But do I trust Google Inc. to do no evil, to know everything about me; every aspect of my life – and not misuse that information, today and in the forseeable future?
Maybe I’m being Ultraparanoid™, but I’d have to say ”NO!”.
”But Google doesn’t know everything about me”, you say. Well, let’s take a look at what Google DO know (or may know), shall we?
If you use GMail, Google reads all your mail. If you use Google Desktop, Google reads every document on your computer. Just those two are enough to give me the creeps. But it gets even worse – a lot worse!
So, you’re a security-minded individual who uses a HW firewall, a client firewall, antivirus SW and anti-spyware SW to protect yourself, your computer and your privacy. Great! Now you’ve found a great way to communicate with your friends and family in a secure fashion: Skype! Well, let’s take a deep breath and have a closer look at Skype. Here’s a conversation between me and you:
You: I’ve found a way to communicate with my friends and my family in a secure fashion!
Me: Wow, that’s great. Tell me more about it.
You: It’s a voice-over-IP program with chat functionality.
Me: Sounds nice, but how exactly is it “secure”?
You: It encrypts everything with a 256-bit EAS algorithm – it’s unbreakable!
Me: Yes, 256-bit AES is a strong algorithm. Did you make sure to choose a long and complex passphrase when generating the master key to keep the implementation of the encryption as strong as the algorithm lets you?
Apparently, the guys over at Secustick has convinced French military contractor Dassault, French bank Crédit Agricole and “the French intelligence service” (according to Secustick) that their new, cool “self-destructing” USB stick is the ultimate in portable storage security:
“a memory stick that will self-destruct after an incorrect password has been entered more than a set number of times”
Turns out that the stick is neither self-destructing nor secure, and that the French intelligence service should be very, very, very ashamed of themselves.
Thank God for hackers.
Update, april 19:th, 2007:
Apparently, renown IT security expert Bruce Schneier came to the same conclusion that I did.