Re: PRIVACY: MSIExplorer email spy file

Mark Grant (mark@unicorn.com)
Sun, 16 Mar 1997 11:10:04 +0000


On Sun, 16 Mar 1997, Eugene Leitl wrote:

> We are talking about two different things here: hard drive encryption, or
> repeated overwriting to reduce residual magnetisation. Both breaking
> long-key PGP,

Well, he's talking about the 'pgp -w' option which overwrites a file with
pseudo-random data. This is probably better than some commercial systems,
particularly if you run it on a compressed disk. However, one problem with
all these programs is that your disk drive may cache the writes and only
update the hard disk itself once after you've supposedly overwritten the
data twenty times, and another is that the operating system might decide
to move blocks around on the disk so that the new block you write is
overwriting a different free block rather than the old block of the file.
This is more likely with Unix than Windows.

> and scanning the (say, deep-formatted) drive are costly
> undertakings, not to be applied to a random miscreant. So, unless you are
> a major drug baron, or into mass destruction weaponry, you can sleep
> quite safely.

Even then, the technology was developed in the days of 40MB PC drives, not
4GB. As hard disk storage density increases, the cost of recovering old
data increases dramatically. Given the kind of technology required just to
read the current data on next-generation disks I'd be surprised if anyone
will be able to read much more than one generation back, if that.

Mark

|-----------------------------------------------------------------------|
|Mark Grant M.A., U.L.C. EMAIL: mark@unicorn.com |
|WWW: http://www.unicorn.com/ MAILBOT: bot@unicorn.com |
|-----------------------------------------------------------------------|