d

Wiping: The Complete Documentation

• This category contains 4 Papers
• The last paper was added on 2007-03-26 (YYYY-MM-DD)

Secure Deletion of Data from Magnetic and Solid-State Memory

Published on June 25, 1996, by Peter Gutmann, ©University of Auckland.

With the use of increasingly sophisticated encryption systems, an attacker wishing to gain access to sensitive data is forced to look elsewhere for information. One avenue of attack is the recovery of supposedly erased data from magnetic media or random-access memory. This paper covers some of the methods available to recover erased data and presents schemes to make this recovery significantly more difficult.

Secure File Deletion: Fact or Fiction?

Published on 2001-07-05, by Rick Maybury, ©SANS Institute.

Computers have changed the way people communicate and conduct business. Word processors, spreadsheets, e-mail, instant messaging, and chat have become part of daily life. With the creation and growth of the Microsoft Windows Operating Systems, the ability to utilize these tools no longer requires college degrees or knowing how to program. Application interfaces have become intuitive; once you have mastered one application; other applications perform and operate similarly.

From a user's standpoint, applications create files that are stored on the hard drive or removable media. When the user no longer needs a particular file, the user deletes it and moves on. As far as the user is concerned, any information contained in that file is gone forever, unable to be recovered by the user. However, because of the way operating systems and applications work, that file may be recoverable and if that file is not recoverable, the data it contained may be found in other files. The reason for this is that in order to function properly, operating systems and applications creates additional files or write data to the hard drive. All of this is done without the user's knowledge. From a privacy and corporate security standpoint, it is important to know about these additional files. These files may contain remnants of proprietary data, research and development projects, confidential memos, merger and acquisition information, financial data, customer information etc. Although these files may not be viewable or recoverable by the user, they can be recovered utilizing computer forensics tools (or simply viewed using a tool such as Norton's Disk Edit).

This paper will deal with how and where some of these files are created and how to securely remove them from a system. Microsoft Windows operating systems and associated applications will be the main focus. This paper is divided into two main sections: the first section is designed to be a primer on the types of information that can be found on a hard drive. It is not designed to be a fully detailed data recovery/computer forensics tutorial, but rather to show security professionals how much information can be found on a hard drive. The second section deals with the concepts behind securely deleting files and associated data from a hard drive.

Unix Secure File Deletions

Published on June 25, 2001, by Ken Hatfield, ©SANS Institute.

In the war of data protection, one aspect that can be overlooked is the potential for information compromise from ineffective file deletions. Due to the mechanics of writing data to magnetic media, it is possible to retrieve data that the user (and the Operating System) believes to have been removed. This paper will show how this type of data compromise can occur and review capabilities within the Unix operating system and other available Unix tools to mitigate this potential for data loss.

What You Don't See On Your Hard Drive

Published on April 04, 2002, by Brian Kuepper, ©SANS Institute.

Just because you don't see it doesn't mean it's not there. By having a knowledge of something that exists, but is hidden from your sight, will give you an advantage because you know it's there. In the security field it is very important to keep up to date on the latest information available. If you don't, someone will take advantage of your ignorance. Things are always changing and becoming bigger, better, faster and sometimes sneakier. A few years back in my Information Technology career I made the change from Desktop Support to the Information Security Group. Since then I have learned a tremendous amount about security. I have learned that you have to train yourself to think differently about things, add a little paranoia.