[Previous entry: "Cures for hard-drive detection"] [Main Index] [Next entry: "Pentogon gets into "assassination politics" -- in the name of terror prevention"]

07/28/2003 Archived Entry: "More on protecting data"

MORE ON PROTECTING OUR DATA. Two observent readers wrote to point out that merely smashing a diskette, CD, or DVD with a hammer (as A. Nonymous suggested yesterday) won't make data unreadable. Both correspondents offered other data-protection suggestions of their own, which you can access by clicking "more." I claim zero expertise in this area, but will be glad to print or point to more good stuff on it, since it's important & fascinating.

Correspondent War Historian wrote:

I've been able to salvage some data from crushed disks myself, and I 've seen a TLC or Discovery Channel show where they did much more. Some guy was suspected of a murder, and they thought he'd copied text files pertaining to the case onto a floppy disk which they'de found broken open and the magnetic disk itself cut up with a pair of scalloped scissors. A forensics guy from the local major police district was able to literally tape the disk back together and salvage most of the data from it using some file-recovery utilities.

If you want to destroy info on a floppy, I wouldn't trust anything short of opening it up and melting the magnetic disk in a fire. Same goes for CDs and DVDs - since their data is stored in physical rather than electronic form, they're probably even easier to read after being broken into pieces (haven't tried that myself, though).

Reader Over the Pond added:

Something important which your link left off: a major threat is *swap files*. Your data might be passworded on disk, but if you just accessed it, there may be a copy of the decrypted version - or even the password itself - in the swap files.

Solution: use Linux, use specifically a modern version of Mandrake Linux, which has built in support for "loop-aes". You can use this to encrypt the hard drive *and* the swap files. Pretty trivial too, can all be set up from within the installer. I know, I have it running on my machine. The encryption is heavy-duty (AES 128 bit). The result is that your data *never touches* the hard disk in readable form. Might they know how to crack it? Dunno. Will they tip their hand to the world, by openly using anything they decrypt? Bet your life not.

Then all you've got to worry about are guys with rubber hoses asking for your password...

Over the Pond's suggestion gave me a smile. I do use Mandrake Linux and had just been wondering how to do what he describes. A few days ago, another friend had told me she encrypted her hard drive with DriveCrypt. But that's for Windows only. So Over the Pond just made my personal life a lot easier.

Now, to find the time and the expertise (however major or minimal) to do any of this. So many good intentions. So little time. So few spare brain cells.

Posted by Claire @ 01:48 PM CST
Link

Powered By Greymatter