[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
IP: ISPI Clips 5.29: What's on Your Hard Drive That The Delete Didn't Delete?
From: "ama-gi ISPI" <[email protected]>
Subject: IP: ISPI Clips 5.29: What's on Your Hard Drive That The Delete Didn't Delete?
Date: Fri, 9 Oct 1998 00:40:03 -0700
To: <[email protected]>
ISPI Clips 5.29: What's on Your Hard Drive That The Delete Didn't Delete?
News & Info from the Institute for the Study of Privacy Issues (ISPI)
Friday October 9, 1998
[email protected]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This From: The New York Times, October 8, 1998
http://www.nytimes.com
What's on Your Hard Drive?
If You Want Privacy, It Pays to Find Out What Data Your Computer Saves And
How to Erase Information That the Delete Button Hardly Touches
http://search.nytimes.com/search/daily/bin/fastweb?getdoc+site+iib-site+52+
0+wAAA+privacy
By
PETER H. LEWIS
For computer users, some of the more startling revelations in the Starr
report have nothing to do with sex.
Footnotes in the report from the Office of the Independent Counsel include
such phrases as "document recovered from Ms. Lewinsky's home computer,"
"e-mail retrieved from Catherine Davis's computer" and "deleted file from
Ms. Lewinsky's home computer."
One of the ways Kenneth W. Starr's investigators peered into the private
lives of their subjects was to peer into their computers. What they were
able to find, and the ease with which they found it, may prompt computer
users to re-evaluate their computer practices.
Word processing software, Web browsing software and electronic mail have
become integral to all sorts of communications, both professional and
personal. As a result, many people have files on their hard disks that they
wish to keep private, like love letters, confidential business documents or
financial data.
And many people have sensitive, confidential and potentially embarrassing
files in their computers that they do not know are there, either because
they think that the files have been erased or because they are unaware that
certain common programs on the computer automatically keep a log of what
the user does.
"Recovering files that were deleted from a computer directory is a trivial
process," said Joel R. Reidenberg, a professor at the Fordham University
School of Law in New York who specializes in privacy issues. He said a
related issue was the computer's creation of sensitive files that the user
often did not know were there in the first place.
"The user's Web browser will create files, unbeknownst to the user, that
record all their interactions," Professor Reidenberg said. "Many people
today know about cookie files, but the browser creates a history file as
well that keeps a record of the Web sites the user visits. And then there's
a cache file that sometimes even keeps copies of the pictures that have
been downloaded."
More obscure are the temporary files created by word processors, for
example, and the so-called swap files that an operating system creates as a
way to manage computer memory. These files often remain readable even if
the original files are erased.
In computers, being safe can sometimes lead to being sorry, as Oliver L.
North discovered in the Iran-contra investigation in the Reagan
Administration, when incriminating files he thought had been deleted were
later resurrected from network backup tapes. In the current Justice
Department investigation of the Microsoft Corporation, e-mail messages and
memorandums from long ago are being resurrected from computer disks and
cited as crucial evidence.
The great majority of computer users have little reason to believe that
their computer files will be scrutinized by law-enforcement agents,
corporate and government spies, or even special investigators. But what
about unscrupulous co-workers or curious children or computer thieves? What
confidential information resides on the hard disk of the computer that was
donated to charity, sold at a yard sale or accidentally left on the
commuter train?
Examples abound of sensitive information going out the door when government
agencies, pharmacies, doctors' offices and other businesses donate or sell
used computers without erasing the computers' memories.
Last year, for example, a woman in Nevada bought a used computer from an
Internet auction company and was surprised to find that it contained names,
addresses, Social Security numbers and prescription information for 2,000
people, including people being treated for AIDS, alcoholism and mental
illnesses. A pharmacy had failed to erase the information when it sold the
computer.
The rise in the number of computer thefts and the increased sharing of
computers in the home are confronting consumers with security issues that
in the past were issues only for big corporations, banks, the military and
government agencies, said Steve Solomon, chief executive of Citadel
Technology Inc., a security software company in Dallas whose products
include Winshield and Folderbolt. "It's moving down into the small office
and home office markets, to schools and to home computer users," he said.
How does one keep confidential information private? And when the
information is no longer needed, how does one make sure that it is
completely erased? Both questions involve a combination of good computer
security policies and good security software.
The software is the easy part. Creating and sticking with good security
habits is the hard part.
"Technology exists today to protect individual privacy for as long as the
individual chooses to keep the information private," said Scott Schnell,
senior vice president of marketing at RSA Data Security of San Mateo,
Calif.
Computer users today have access to inexpensive software tools that can
encrypt the contents of a file (including images), an e-mail message or
even the entire contents of a computer so thoroughly that it can never be
read by someone else in our lifetimes. Other programs can shred unwanted
files so completely that no one can recover them. But very few people use
such security tools.
Computers are good at keeping secrets. Too good, in fact. The secrets can
reside on a computer, and on a computer network, long after the user
deletes them. The files are forgotten, but not gone.
Deleting a file does not really delete the file. It merely hides it from
view so it no longer shows up in a directory of files. It's like getting an
unlisted telephone number. The listing may not appear in the phone
directory, but the phone can still ring if someone knows the right number.
When a user deletes a file, the computer stops listing it in the file
directory and marks the disk space as available for reuse. Another file may
eventually be written atop the same space, obliterating any traces of the
original. But as hard disk capacities swell into the gigabytes, the space
may not be overwritten for a long, long time.
In that limbo period when the deleted file is undead, any moderately
skilled computer user can locate, restore and read the deleted file by
using such commands as "undelete" or "unerase," which are common features
of many software utilities.
The computer's ability to remember deleted files is most often a good
thing, especially when important files have been deleted by accident. Every
day, computer technicians get frantic calls from people who have
inadvertently erased the boss's speech or the big presentation due the next
morning, or who have children who have erased those boring Quicken folders
to make room on the disk for games.
At those moments, being able to resurrect the files from the dead seems
like a miracle.
There are a number of utility programs available that have an "unerase"
capability, to be used both in emergencies and as a precaution against
accidents. Examples include Norton Utilities from the Symantec Corporation.
But as with most tools, "unerase" programs can be dangerous in the wrong
hands.
To truly erase a file and prevent it from being recovered, one must write
over it, or wipe it.
There are several utility programs available that enable the user to
overwrite a single file or the entire disk, or anything in between. Such
programs typically have apocalyptic names, such as Shredder, Flame File and
Burn. Similar disk-wiping tools are often included in PC utility programs
and encryption programs, but others are available for downloading without
charge from the Internet.
These programs typically hash over the designated disk space with
meaningless patterns of ones and zeroes, instead of the meaningful patterns
of ones and zeroes that represent the original information. That process
renders the deleted file unreadable in most cases.
The key phrase is "in most cases." Just as with encryption, there are
people working just as hard to recover wiped files as there are people
working to wipe them. Law-enforcement agencies and spies have developed
ways to reverse a simple, one-pass wipe with ones and zeroes and retrieve
the original file. So the Federal Government requires that sensitive files
be wiped many times with random characters, which, in theory, obliterates
the original file and makes it unrecoverable.
Unless, of course, the file has already been copied onto backup tapes. In
the digital world, the original file may be shredded, while one or more
perfect copies can exist elsewhere.
An even more bulletproof way to render files unreadable is to encrypt them.
Encryption scrambles a disk or file, including pictures (or a telephone
conversation, or a credit card sent over the Internet) so it can be opened
and read only by the person holding the proper key, or password. The
strength of the encryption is often measured by the length of the key,
which is in turn measured in bits. In general, each additional bit of key
length doubles the amount of effort needed for unauthorized users to break
the key.
Even weak encryption (with a 40-bit key length, for example) is sufficient
to deter most casual snoops. Breaking a 56-bit key requires computing
resources that are beyond the reach of all but the most determined code
breakers, and even then it can require days of sustained attacks by a
supercomputer just to crack one e-mail message. (The Government's National
Security Agency, by far the most formidable group of code breakers on the
planet, is thought to be able to break 56-bit keys in a much shorter time,
said Enrique Salem, a chief technology officer at Symantec, whose products
include Disk Lock, Norton Your Eyes Only, and Norton Secret Stuff.
Some encryption programs available today use 128-bit keys, which are
"infinitely unbreakable, at least in our lifetimes, even taking into
consideration the predictable advances in computing power," said Schnell of
RSA. In other words, it is more secure than the strongest physical vault
ever built. Not even the National Security Agency is believed to have the
ability to break a 128-bit key.
And then there is e-mail. People type all sorts of embarrassing,
confidential or intemperate words in e-mail in the mistaken belief that
such messages are private. In reality, messages sent by e-mail are less
secure than messages scribbled on a postcard.
The way the Internet mail system works, an e-mail message passes through
several exchange points, or nodes, on its way to the recipient's computer.
The system administrator at each handoff point can in theory read the
message, copy it, reroute it or tamper with it. If the message originates
or terminates in a corporate computer system, chances are high that a copy
will persist in the company's backup tapes or disk for days, at least.
In the end, there are only two ways to keep information confidential in the
digital age. One is to use strong encryption. The other is never to write
it down or speak it in the first place.
PRIVACY PROTECTION:
Who knows what secrets lurk on your hard drive? With luck, and with the
following security programs, only you do.
PGP 6.0
(Windows 95, 98 and NT, and Macintosh OS 7.5.3 and newer; free for
individual, noncommercial use) Philip R. Zimmermann's Pretty Good Privacy,
or PGP, is one of the world's most widely used encryption programs for
personal computers, so good, in fact, that the United States Government
contends that it is as potent a military weapon as a jet fighter or a
cruise missile.
NORTON YOUR EYES ONLY 4.1
(Windows 95, 98 and NT; about $75; (800) 441-7234.) Norton Your Eyes Only
performs a variety of password-protected security functions. It can be set
to blank the screen and lock the computer if the user steps away for a
minute or to prevent unauthorized users from booting the machine.
RSA SECURPC
(Windows 95, 98 and NT; $59; Security Dynamics Technologies; (800)
732-8743.)
Intended more for small office use, SecurPC links with the Windows Explorer
file management system to automatically and transparently lock disks and
files with 128-bit encryption, but it allows the keys to be shared with
administrators.
COOKIE CRUSHER
(Windows 95, 98 and NT; $15 shareware; www.zdnet.com/swlib,
www.shareware.com, etc.) Cookies are small files that a Web site installs
on your hard drive. The cookie can contain technical and personal
information, including a history of the Web pages you have visited. These
utilities enable the user to accept or reject cookies.
BCWIPE WINDOWS
(Windows 95, 98 and NT; $15 shareware; www. download.com,
www.zdnet.com/swlib and others.) For those who prefer not to use an
encryption package, BCWipe provides military-grade file and disk wiping to
make sure that deleted files are really erased.
Copyright 1998 The New York Times Company
--------------------------------NOTICE:------------------------------
ISPI Clips are news & opinion articles on privacy issues from
all points of view; they are clipped from local, national and international
newspapers, journals and magazines, etc. Inclusion as an ISPI Clip
does not necessarily reflect an endorsement of the content or opinion
by ISPI. In compliance with Title 17 U.S.C. section 107, this material is
distributed free without profit or payment for non-profit research
and educational purposes only.
---------------------------------------------------------------------------
ISPI Clips is a FREE e-mail service from the "Institute for the Study
of Privacy Issues" (ISPI). To receive "ISPI Clips" on a regular bases
(up to 3 - 8 clips per day) send the following message "Please
enter [Your Name] into the ISPI Clips list: [Your e-mail address]" to:
[email protected] .
The Institute for the Study of Privacy Issues (ISPI) is a small
contributor-funded organization based in Victoria, British Columbia
(Canada). ISPI operates on a not-for-profit basis, accepts no
government funding and takes a global perspective.
ISPI's mandate is to conduct & promote interdisciplinary research
into electronic, personal and financial privacy with a view toward
helping ordinary people understand the degree of privacy they have
with respect to government, industry and each other and to likewise
inform them about techniques to enhance their privacy.
But, none of this can be accomplished without your kind and
generous financial support. If you value in the ISPI Clips service or if
you are concerned about the erosion of your privacy in general, won't
you please help us continue this important work by becoming an "ISPI
Clips Supporter" or by taking out an institute Membership?
We gratefully accept all contributions:
Less than $60 ISPI Clips Supporter
$60 - $99 Primary ISPI Membership (1 year)
$100 - $300 Senior ISPI Membership (2 years)
More than $300 Executive Council Membership (life)
Your ISPI "membership" contribution entitles you to receive "The ISPI
Privacy Reporter" (our bi-monthly 12 page hard-copy newsletter in
multi-contributor format) for the duration of your membership.
For a contribution form with postal instructions please send the following
message "ISPI Contribution Form" to [email protected] .
We maintain a strict privacy policy. Any information you divulge to ISPI
is kept in strict confidence. It will not be sold, lent or given away to
any third party.
**********************************************
To subscribe or unsubscribe, email:
[email protected]
with the message:
(un)subscribe ignition-point email@address
**********************************************
www.telepath.com/believer
**********************************************