[ISN] What's on your harddrive?

From: mea culpa (jerichot_private)
Date: Sat Oct 10 1998 - 03:48:01 PDT

    Forwarded From: phreak moi <hackerelitet_private>
    
    http://www.nytimes.com/library/tech/98/10/circuits/articles/08driv.html
    
    What's on Your Hard Drive?
    
    If You Want Privacy, It Pays to Find Out What Data Your Computer Saves And
    How to Erase Information That the Delete Button Hardly Touches
    
    By PETER H. LEWIS
    
    For computer users, some of the more startling revelations in the Starr
    report have nothing to do with sex.
    
    Footnotes in the report from the Office of the Independent Counsel include
    such phrases as "document recovered from Ms. Lewinsky's home computer,"
    "e-mail retrieved from Catherine Davis's computer" and "deleted file from
    Ms. Lewinsky's home computer." 
    
    One of the ways Kenneth W. Starr's investigators peered into the private
    lives of their subjects was to peer into their computers. What they were
    able to find, and the ease with which they found it, may prompt computer
    users to re-evaluate their computer practices. 
    
    Word processing software, Web browsing software and electronic mail have
    become integral to all sorts of communications, both professional and
    personal. As a result, many people have files on their hard disks that
    they wish to keep private, like love letters, confidential business
    documents or financial data. 
    
    And many people have sensitive, confidential and potentially embarrassing
    files in their computers that they do not know are there, either because
    they think that the files have been erased or because they are unaware
    that certain common programs on the computer automatically keep a log of
    what the user does. 
    
    "Recovering files that were deleted from a computer directory is a trivial
    process," said Joel R. Reidenberg, a professor at the Fordham University
    School of Law in New York who specializes in privacy issues. He said a
    related issue was the computer's creation of sensitive files that the user
    often did not know were there in the first place. 
    
    "The user's Web browser will create files, unbeknownst to the user, that
    record all their interactions," Professor Reidenberg said. "Many people
    today know about cookie files, but the browser creates a history file as
    well that keeps a record of the Web sites the user visits. And then
    there's a cache file that sometimes even keeps copies of the pictures that
    have been downloaded." 
    
    More obscure are the temporary files created by word processors, for
    example, and the so-called swap files that an operating system creates as
    a way to manage computer memory. These files often remain readable even if
    the original files are erased. 
    
    In computers, being safe can sometimes lead to being sorry, as Oliver L. 
    North discovered in the Iran-contra investigation in the Reagan
    Administration, when incriminating files he thought had been deleted were
    later resurrected from network backup tapes. In the current Justice
    Department investigation of the Microsoft Corporation, e-mail messages and
    memorandums from long ago are being resurrected from computer disks and
    cited as crucial evidence. 
    
    The great majority of computer users have little reason to believe that
    their computer files will be scrutinized by law-enforcement agents,
    corporate and government spies, or even special investigators. But what
    about unscrupulous co-workers or curious children or computer thieves? 
    What confidential information resides on the hard disk of the computer
    that was donated to charity, sold at a yard sale or accidentally left on
    the commuter train? 
    
    Examples abound of sensitive information going out the door when
    government agencies, pharmacies, doctors' offices and other businesses
    donate or sell used computers without erasing the computers' memories. 
    
    Last year, for example, a woman in Nevada bought a used computer from an
    Internet auction company and was surprised to find that it contained
    names, addresses, Social Security numbers and prescription information for
    2,000 people, including people being treated for AIDS, alcoholism and
    mental illnesses. A pharmacy had failed to erase the information when it
    sold the computer. 
    
    The rise in the number of computer thefts and the increased sharing of
    computers in the home are confronting consumers with security issues that
    in the past were issues only for big corporations, banks, the military and
    government agencies, said Steve Solomon, chief executive of Citadel
    Technology Inc., a security software company in Dallas whose products
    include Winshield and Folderbolt. "It's moving down into the small office
    and home office markets, to schools and to home computer users," he said. 
    
    How does one keep confidential information private? And when the
    information is no longer needed, how does one make sure that it is
    completely erased? Both questions involve a combination of good computer
    security policies and good security software. 
    
    The software is the easy part. Creating and sticking with good security
    habits is the hard part. 
    
    "Technology exists today to protect individual privacy for as long as the
    individual chooses to keep the information private," said Scott Schnell,
    senior vice president of marketing at RSA Data Security of San Mateo,
    Calif. 
    
    Computer users today have access to inexpensive software tools that can
    encrypt the contents of a file (including images), an e-mail message or
    even the entire contents of a computer so thoroughly that it can never be
    read by someone else in our lifetimes. Other programs can shred unwanted
    files so completely that no one can recover them. But very few people use
    such security tools. 
    
    Computers are good at keeping secrets. Too good, in fact. The secrets can
    reside on a computer, and on a computer network, long after the user
    deletes them.  The files are forgotten, but not gone. 
    
    Deleting a file does not really delete the file. It merely hides it from
    view so it no longer shows up in a directory of files. It's like getting
    an unlisted telephone number. The listing may not appear in the phone
    directory, but the phone can still ring if someone knows the right number. 
    
    When a user deletes a file, the computer stops listing it in the file
    directory and marks the disk space as available for reuse. Another file
    may eventually be written atop the same space, obliterating any traces of
    the original. But as hard disk capacities swell into the gigabytes, the
    space may not be overwritten for a long, long time. 
    
    In that limbo period when the deleted file is undead, any moderately
    skilled computer user can locate, restore and read the deleted file by
    using such commands as "undelete" or "unerase," which are common features
    of many software utilities. 
    
    The computer's ability to remember deleted files is most often a good
    thing, especially when important files have been deleted by accident.
    Every day, computer technicians get frantic calls from people who have
    inadvertently erased the boss's speech or the big presentation due the
    next morning, or who have children who have erased those boring Quicken
    folders to make room on the disk for games. 
    
    At those moments, being able to resurrect the files from the dead seems
    like a miracle. 
    
    There are a number of utility programs available that have an "unerase" 
    capability, to be used both in emergencies and as a precaution against
    accidents. Examples include Norton Utilities from the Symantec
    Corporation. 
    
    But as with most tools, "unerase" programs can be dangerous in the wrong
    hands. 
    
    To truly erase a file and prevent it from being recovered, one must write
    over it, or wipe it. 
    
    There are several utility programs available that enable the user to
    overwrite a single file or the entire disk, or anything in between. Such
    programs typically have apocalyptic names, such as Shredder, Flame File
    and Burn. Similar disk-wiping tools are often included in PC utility
    programs and encryption programs, but others are available for downloading
    without charge from the Internet. 
    
    These programs typically hash over the designated disk space with
    meaningless patterns of ones and zeroes, instead of the meaningful
    patterns of ones and zeroes that represent the original information.  That
    process renders the deleted file unreadable in most cases. 
    
    The key phrase is "in most cases." Just as with encryption, there are
    people working just as hard to recover wiped files as there are people
    working to wipe them.  Law-enforcement agencies and spies have developed
    ways to reverse a simple, one-pass wipe with ones and zeroes and retrieve
    the original file. So the Federal Government requires that sensitive files
    be wiped many times with random characters, which, in theory, obliterates
    the original file and makes it unrecoverable. 
    
    Unless, of course, the file has already been copied onto backup tapes.  In
    the digital world, the original file may be shredded, while one or more
    perfect copies can exist elsewhere. 
    
    An even more bulletproof way to render files unreadable is to encrypt
    them. 
    
    Encryption scrambles a disk or file, including pictures (or a telephone
    conversation, or a credit card sent over the Internet) so it can be opened
    and read only by the person holding the proper key, or password.  The
    strength of the encryption is often measured by the length of the key,
    which is in turn measured in bits. In general, each additional bit of key
    length doubles the amount of effort needed for unauthorized users to break
    the key. 
    
    Even weak encryption (with a 40-bit key length, for example) is sufficient
    to deter most casual snoops. Breaking a 56-bit key requires computing
    resources that are beyond the reach of all but the most determined code
    breakers, and even then it can require days of sustained attacks by a
    supercomputer just to crack one e-mail message. (The Government's National
    Security Agency, by far the most formidable group of code breakers on the
    planet, is thought to be able to break 56-bit keys in a much shorter time,
    said Enrique Salem, a chief technology officer at Symantec, whose products
    include Disk Lock, Norton Your Eyes Only, and Norton Secret Stuff.)
    
    Some encryption programs available today use 128-bit keys, which are
    "infinitely unbreakable, at least in our lifetimes, even taking into
    consideration the predictable advances in computing power," said Schnell
    of RSA. In other words, it is more secure than the strongest physical
    vault ever built. Not even the National Security Agency is believed to
    have the ability to break a 128-bit key. 
    
    And then there is e-mail. People type all sorts of embarrassing,
    confidential or intemperate words in e-mail in the mistaken belief that
    such messages are private. In reality, messages sent by e-mail are less
    secure than messages scribbled on a postcard. 
    
    The way the Internet mail system works, an e-mail message passes through
    several exchange points, or nodes, on its way to the recipient's computer.
    The system administrator at each handoff point can in theory read the
    message, copy it, reroute it or tamper with it. If the message originates
    or terminates in a corporate computer system, chances are high that a copy
    will persist in the company's backup tapes or disk for days, at least. 
    
    In the end, there are only two ways to keep information confidential in
    the digital age. One is to use strong encryption. The other is never to
    write it down or speak it in the first place. 
    
    -o-
    Subscribe: mail majordomot_private with "subscribe isn".
    Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
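
Added example, not part of the forwarded article: a constructed in-memory model of the behaviour the article describes, where an ordinary delete only drops the directory listing while a wipe overwrites the blocks before releasing them. The `ToyDisk` class, block size and file names are hypothetical and stand in for a real file system.

```python
import os

BLOCK = 16  # bytes per block in this toy disk (an assumption for the demo)


class ToyDisk:
    """Constructed model: a block array, a directory, and a free list."""

    def __init__(self, blocks=16):
        self.data = bytearray(BLOCK * blocks)
        self.free = list(range(blocks))   # block numbers available for reuse
        self.directory = {}               # file name -> list of block numbers

    def write(self, name, content):
        used = []
        for off in range(0, len(content), BLOCK):
            blk = self.free.pop(0)
            chunk = content[off:off + BLOCK].ljust(BLOCK, b"\0")
            self.data[blk * BLOCK:(blk + 1) * BLOCK] = chunk
            used.append(blk)
        self.directory[name] = used

    def delete(self, name):
        # Ordinary delete: drop the listing and mark the space reusable.
        # The bytes stored in the blocks are not touched.
        self.free.extend(self.directory.pop(name))

    def wipe(self, name, passes=3):
        # Overwrite every block of the file with random bytes, then release it.
        for _ in range(passes):
            for blk in self.directory[name]:
                self.data[blk * BLOCK:(blk + 1) * BLOCK] = os.urandom(BLOCK)
        self.delete(name)

    def scan_free_space(self, needle):
        # What an "unerase" or forensic tool does: read blocks no file lists.
        return [b for b in sorted(self.free)
                if needle in self.data[b * BLOCK:(b + 1) * BLOCK]]


def demo():
    disk = ToyDisk()
    disk.write("letter.txt", b"SECRET love letter, keep private")  # blocks 0-1
    disk.write("memo.txt", b"SECRET memo to be shredded today")    # blocks 2-3
    disk.delete("letter.txt")        # plain delete
    disk.wipe("memo.txt")            # overwrite, then delete
    disk.write("new.txt", b"x" * 16) # lands in block 4, not on the old data
    return sorted(disk.directory), disk.scan_free_space(b"SECRET")


if __name__ == "__main__":
    print(demo())
```

Neither deleted file is listed any more, yet the scan still finds the plainly deleted letter in free space; the wiped memo's blocks hold only random bytes.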
    


