Re: PRIVACY: MSIExplorer email spy file

Eugene Leitl (Eugene.Leitl@lrz.uni-muenchen.de)
Mon, 17 Mar 1997 01:25:42 +0100 (MET)


On Sun, 16 Mar 1997, Mark Grant wrote:

> On Sun, 16 Mar 1997, Eugene Leitl wrote:
>
> > We are talking about two different things here: hard drive encryption, or
> > repeated overwriting to reduce residual magnetisation. Both breaking
> > long-key PGP,
>
> Well, he's talking about the 'pgp -w' option which overwrites a file with
> pseudo-random data. This is probably better than some commercial systems,

PGP has no access to primitive system functions. Assuming that pgp -w
will write to exactly the same location is assuming too much, imo. It
sure is probable, but it is not guaranteed even currently.

> particularly if you run it on a compressed disk. However, one problem with
> all these programs is that your disk drive may cache the writes and only
> update the hard disk itself once after you've supposedly overwritten the
> data twenty times, and another is that the operating system might decide
> to move blocks around on the disk so that the new block you write is
> overwriting a different free block rather than the old block of the file.
> This is more likely with Unix than Windows.

Yes. That's the reason fsck is more likely to find garbage after a hard
power-off sans predcessing shutdown. But it sure increases drive
performance, especially if you have lots of RAM.

> > and scanning the (say, deep-formatted) drive are costly
> > undertakings, not to be applied to a random miscreant. So, unless you are
> > a major drug baron, or into mass destruction weaponry, you can sleep
> > quite safely.
>
> Even then, the technology was developed in the days of 40MB PC drives, not
> 4GB. As hard disk storage density increases, the cost of recovering old
> data increases dramatically. Given the kind of technology required just to
> read the current data on next-generation disks I'd be surprised if anyone
> will be able to read much more than one generation back, if that.

I think magnetic proximal probe microscopy will have little problems with
current, or near future, magnetic pit size. Making sense of the signal is
much harder, however. So, overwriting the same track say 10 times with an
adequate pattern (random?) should give the Shop some hefty trouble.
(Conc. cryptography, your drive will sure keep quiet, but will you? You
know, certain people can be... persuasive. Whereas erased drives don't talk).

ciao,
'gene

> Mark