[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Wipe Swap File
-----BEGIN PGP SIGNED MESSAGE-----
At 10:38 AM 1/20/96 EST, Dr. Dimitri Vulis wrote:
>[email protected] (tallpaul) writes:
>> Remember that one simple wipe is *not* secure. Current Department of
>> Defense security regs call for wiping the same space something like 8 or 9
>> times. Even then the wipe is not secure enough for higher level DofD
>> classified material. There the regs call for the physical destruction of
>> the medium after it has been wiped.
>
>Degaussing the media (running a household magnet over it :-) may be an option.
Degaussing using a common, AC-driven bulk tape eraser is FAR FAR FAR better
than using a permanent magnet. DO NOT USE A 'HOUSEHOLD MAGNET"!!!! (Except
in an absolute dire emergency, such as when the government thugs are
breaking down the door, and you have to wipe that disk in a second, and
didn't think to keep the bulk eraser plugged in and immediately available,
etc. Even then, use a Neodymium Iron Boron magnet, because floppies are
actually remarkably insensitive to demagnetization...)
Here is why: Magnetic materials have "hysteresis curves." If you merely
apply a "DC" magnetic field to a floppy disk, this orients "all" the domains
in one direction, but perhaps with a small residual bias based on the
previously-magnetized direction. Such data won't be readable on an ordinary
floppy drive, of course, but it might be recovered, with substantial (read,
"money") effort. This gives uninformed people a false sense of security.
AC-powered tape demagnetizers, on the other hand, produce a 60-hertz
(actually, 120
hertz, depending on how you look at it) pulsing magnetic field, which
REPEATEDLY saturates and re-saturates the magnetic domains in one direction
and then the other, taking a "trip around the hysteresis curve" 60 times per
second. Residual magnetic fields are repeatedly reversed and thus
overwritten, and quickly become totally and completely unrecoverable in a
second or so. (actually, far less, I'm just not proposing you stand there
for a minute degaussing a single floppy!!!)
And there is a far more practical reason to NOT use a permanent
magnet, and CERTAINLY not on audio-quality tapes. Read heads can get
inadvertently magnetized, and if you insert a disk or tape with a
DC-magnetization on it "who knows what" might go wrong. (it would take a
reasonably technical audiophile to tell you how much of a problem this could
be on audio cassette tapes. It is possible that digital-writing floppy
disks heads are comparatively immune from this effect, but don't count on
it!) (However, using an
AC demagnetizer on a floppy after you've zapped it with a permanent magnet
will remove whatever residual DC magnetiziation was present.
>Two semi-on-topic questions:
>
>1. Does anyone know a cheap way to recover the traces of the previous
>(overwritten) recordings on the media?
Cheap? No.
>2. If a cheap way exists, has anyone considered stego use of it?
Doesn't sound particularly practical.
I can think of a slightly better way, MAYBE. There are, what, 80 tracks on
the typical floppy disk, right? (okay, I may be wrong about this...).
But it would be physically possible to write a few more tracks onto the
floppy before you hit a mechanical stop. Putting data THERE while the
typical system thinks there are "only" 80 tracks would hide it reasonably
effectively.
Note: I'm not over-rating the effectiveness of such a system. It wouldn't
faze the CIA or the NSA, but it would probably get by the local police, the
state police, and maybe even the FBI unless they had written a program
specifically designed to search "illegal" tracks. Label the floppy, "Doom
program, great game!" and they'll probably waste most of their time blasting
monsters rather than looking for tracks 80, 81, 82, etc.)
Also, this is certainly not a new idea.
My public key.
- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.2
mQCNAi1zvWcAAAEEAKmSqngLWK2N2gOJKPtjF9VCfSkXY+XUZBRCbbFU71uH/dLX
C2Uq6wFS8alRgMc3rp90JnnJ/6eJqXwMjCunogwucWOaU7S/w+OwjOG9fUqsXIA6
2j25Wtjce65mbp0TKLAzwMb/P/Qq7BlclqhuKzfVBH7dIHnVAvqHVDBboB2dAAUR
tBFKYW1lcyBEYWx0b24gQmVsbA==
=G3LA
- -----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBMQFn5/qHVDBboB2dAQG1BgP/Wbx4lda9RCp9mjeqBGEOUxRtR98/ZoQY
QH4QbreNEtskiHKjEPVpaab5oqCzpnkz3wX+Ve1EZ45kMNYs86gpWqb36IcsDBAi
Ic9ZeUr2l0BEz0cZbyTiZPhN1J9LW0mDjLW5Zg83uaUKCwCa6MFuZP7iObmlAUjL
GC3CsymuBSo=
=xx4B
-----END PGP SIGNATURE-----