Posted on 12/10/2018 12:55:25 PM PST by outofsalt
If you want to be sure, take it down to the hospital and have them run an MRI on it. It’s so sensitive, they can tell if there’s still data on it.
I'd like to revise that statement. When I separated out of the USAF as a Telecommunications Systems Controller early in 1981 we did not have email. After a year and a half at ITT and then a year and a half at Sprint, I hired on with MCI on December 14, 1983. We were already using our email to communicate around the world at that time.
MCI Mail service was launched on September 23, 1983, in Washington, D.C.I was the Senior Maintenance Tech in Atlanta with the MCI Mail facility the next floor down from our Terminal. When the NSF project came along I was working at Our Regional Hub at Austell, GA when those NSF backbone routers were installed. I retired after 31 years with Verizon Business(legacy MCI).On January 1, 1983 the ARPANET converted to TCP/IP as its standard host protocol. Gateways (or routers) were used to pass packets to and from host computers on local area networks.
In September 1984 work was completed on restructuring the ARPANET giving U.S. military sites their own Military Network (MILNET) for unclassified defense department communications.[48][49] Controlled gateways connected the two networks. The combination was called the Defense Data Network (DDN).[50] Separating the civil and military networks reduced the 113-node ARPANET by 68 nodes. The MILNET later became the NIPRNet.
In the mid 1980s, National Science Foundation Network (NSFNET) decided to build a network called NSFNET to provide better computer connections for the science and education communities. The NSFNET made possible the involvement of a large segment of the education and research community in the use of high speed networks. A consortium consisting of MERIT (a University of Michigan non-profit network services organization), IBM and MCI Communications won a 1987 competition for the contract to handle the network's construction. Within two years, the newly expanded NSFNET had become the primary backbone component of the Internet, augmenting the ARPANET until it was decommissioned in 1990.
Gotcha
I purchased a subscription to the Office 365 Business Email service. I pay about $4/mailbox/month but I get the same Enterprise quality service that larger companies get. I use my personal domain name with it. For as long as I’ve had it, several years, I haven’t experienced any outages.
I prefer paying a little to have my own private email rather than rely on free services like GMail or Yahoo.
I used Eraser for a number of years, but newer versions are NOT reliable, and have multiple issues. I do not trust it and do not use it now.
Bleachbit and CCleaner are more what I use now, mainly bleachbit. Someone here mentioned ccleaner had security issues — I had not read that but will check into it before using it again.
Bleachbit is interesting in that it does NOT do multiple overwrites with random or variously patterned data. They have a whole writeup on why they do not think it helps.
Doing individual files with bleachbit and dome other method for free space of needed seems like a good idea except for solid state drives.
CCleaner has an option for multi-pass deleting...and it has other useful functions... I have used the free version for years.
Most companies like Yahoo, Comcast etc. keep all you emails indefinitely. You can request one and go back 6 months. A legal subpoena and they can go back to your first email.
So, if I'm looking at a new laptop, should I avoid SSD and stick with "normal" HDD for longevity and security?
LOL. You have to be very careful when using the dd command. It is extraordinarily powerful and you can easily wipe out stuff that you don't intend. The difference between 'dd if=/dev/zero of=/dev/sde1' and 'dd if=/dev/zero of=/dev/sdd1' can be kinda catastrophic.
True, but you have to admit, dd WILL PERMANENTLY delete the files.
When I was in the military 20+ years ago, we ran a test using dd to wipe a drive using a series of commands. The test involved multiple drives containing non classified material. After using dd, we then used a popular commercial disk recovery software to attempt to read the drive. None of the drives were recoverable.
https://eraser.heidi.ie/ I have used this program.
I wouldn’t necessarily say that.
Think of the SSD as a sheet of paper. You write on it, and erase it. What you wrote can still be read. You write on it again. What you wrote the first time can still be read, but it’s harder. Erase again and rewrite. You can do this, and it makes it increasingly difficult to read what you first wrote. This is also destroying the paper.
You have plenty of writes on your SSD for years of use, but using a file shredder will hurt that. As others have said, delete, go about your normal business, and destroy the drive when you get rid of your computer.
With most filesystems, no. Deleting a file doesn't actually do anything at all to the actual data associated with a file. A filesystem is like a book with an index. The index points to the individual pages in the book. When you delete a file it is that index entry that is deleted. When the pointer to that page is deleted, the page is marked as 'free', so you can now write new data to it. Until new data is actually written to that page, the data is still there, and proper forensics can recover it.
I do not know exactly how it works these days with NTFS or whatever it is that windows uses for a filesystem, but back in the old days before we actually had tools that would allow you to recover files, I had a program that would actually let you directly edit individual sectors on a disk. I used that to learn a bit about how the FAT tables worked. When you would delete a file, not only was the filespace not deleted, but the 'index' pointer wasn't actually deleted either. What happened instead was that the first character of the filename was changed from whatever it was to the hexadecimal value of "E5". So, to 'undelete' a file, if you could edit the disk, you could change that first character back to a standard ASCII value like '61' (which is an 'a'), and the file would be magically undeleted. You could also do some neat things like change that first character to an unprintable character, so that if you didn't know what it was, it would make it hard to access that file.
Modern filesystems are a bit more complex than FAT was back in the day, but from what I understand, all FAT derivatives, like FAT16, FAT32, and EXFAT which are typically used on memory cards and thumb drives are essentially the same.
Another thing about the way files are allocated is that they are actually laid out in chunks of a standard size. The size of those chunks is fixed when you format the drive, so it makes the whole 'book with pages' actually a closer analogy than you might think. Let's say that you allocation unit is 1024 bytes. That means that if you create a file that has nothing in it but the text "hillary is a liar" (18 bytes), it is still going to take up 1024 bytes of your disk space. So, if you have, say 100,000 tiny files of a few bytes each, they could easily take up more space than a single one megabyte file.
So, what about all that extra unused space at the end of the file? Well it is essentially wasted. There are security ramifications of this. Let's say you had a file that used up all of the allocated space.
AAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAA
Now, we change the file, but when we updated the file the data wasn't as big as the previous file. You might end up with something like this that is actually on your disk...
BBBBBBBBBBBBBBBBBBBB BBBBBBBBBBBBBBBBBBBB BBBBBBBBBBBBBBBBBBBB BBBBBBBBBBBBBBAAAAAA AAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAA
When the new file is written, it doesn't overwrite everything in the block, so some of the data that you previously had in it that you thought you had deleted is no longer there actually still remains. THere are forensic tools that can pull that data from the end of the blocks out as well. Yeah, it's going to be fragmented and incomplete data, but sometimes that's all you need.
So, to get back to the topic of the thread, a program that securely deletes a file should also zero out that slack space at the end of the allocation block as well as the file itself. Similarly, a program designed to wipe "free" space on the drive should also get those unused fragments at the end of the blocks as well.
All of this is probably more than you needed, or wanted to know, but hopefully someone will find if of interest. :-)
Yup. It's safe from prying eyes until they pull out the electron microscopes.
I've used dd for a lot of fun stuff. Back when vmware was a fairly new product, we used a combination of 'dd' and 'netcat' to do physical to virtual conversions. It was a simple, yet elegant solution.
Bernie Ebbers is still cooling his heels in the Federal Correctional Institution, Oakdale (FCI Oakdale). The earliest date Ebbers can be released is in July 2028, at which time he will be aged 86.[31]
Good thing...I don’t write..and e-mail stuff...I think.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.