Already a step ahead

Discussion in 'privacy technology' started by luv2bsecure, May 31, 2002.

Thread Status:
Not open for further replies.
  1. luv2bsecure

    luv2bsecure Infrequent Poster

    Joined:
    Feb 9, 2002
    Posts:
    713
    Oh Pete, no, I didn't make myself very clear. I am a step ahead of you with your suggestion. I have downloaded it and plan to check it out. I think it sounds very interesting. What I meant, was knowing nothing about it, I couldn't trust it, or anything as far as that goes until I understand the method.

    The reason the method is important is that some things can truly appear to be secure after it has "done its job," but in reality are still recoverable by hardware/forensic methods. Then, it's the old, "Are we protecting you from your kids going through your files, or do you want to be protected from three letter agencies?" Many programs appear to make data unrecoverable, and DO make it unrecoverable to simple software tools. BUT, if you need the high-level security, only after thorough testing can it be trusted. Does that make sense?

    It might be like an exterminator that comes to the house and rids you of ants. They ARE gone. But, you discover they're back three months later. However, you call another exterminator who explains that what the other company did got rid of the ants alright, but didn't use the kind of chemicals that KEEP them away long-term. (Make them unrecoverable.)

    That's why you should NEVER use an encryption program that claims to use "our own highly secure algorithm." (A proprietary encryption method.) Encryption is a science. Real encryption must be open source, peer-tested, and proven before it can be in the same truly secure league as a Blowfish,  Rijndael, etc.

    The SAME goes for Disk Wipers. In fact, I need to write for the source as it is NOT available for this program. If it's not given, forget it. Nobody that understands how data and freespace is wiped would EVER trust it. I imagine though we'll get it and I am very interested. I hope though I have made sense as to why method is important. I didn't mean to say write it off for good, I just meant I know nothing about it NOW. There was not a whitepaper with technical data on the site and until it is proven fully secure (which with these programs can easily be done) I can't, honestly, personally recommend it.

    Your question and suggestion was well taken though, and I hope I made some sense explaining why method and integrity of the code is all important.

    Good to hear from you, by the way. I haven't been on too much lately. Hope all's well.

    John
    Luv2BSecure
     
     
  2. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    Same here, John! Glad to see you posting again!

    I guess it is all a matter of degree regarding how much protection from recovery you get - and how much you actually need.

    For instance, I automatically go under under the assumption that, should my computer be confiscated by any three-letter agency, I'll not have a chance to perform a final wipe on it, anyway (we'll disregard the fact that anything they would find would bore them to tears and certainly not be prosecutable - unless, of course, Checkout's theory of my culpability for telling the truth winds me up in the hoosegow [a theory that's rapidly approaching believability, BTW] ).

    The average person - do they really have a need for industrial-strength sterilization of their computers?

    Or, do they simply need something that will defeat amateur efforts to decipher what they've been viewing/reading/typing?

    Even if you throw some of the 'data-recovery' companies into the equation (which you really should if you have the slightest question in your mind about whether or not your spouse will ever hire such an organization to delve into the guts of your computer for divorce-procedure ammunition), I'm not sure that 'simpler' rather than 'more efficient' would actually be more useful or effective, simply from the standpoint of the fact that people (generally-speaking) aren't going to go to the trouble of going through the erasure procedure either properly or on a frequent enough schedule to actually do them any good.

    Just a few thoughts that were flitting around in my head.

    Don't get me wrong, John, I believe if you're going to pratice data erasure (in other words, have a darn good reason to do so), you need the most bang for your buck (something totally effective and rigorously scheduled and done).

    I'll be quite interested to see your results! Pete
     
  3. luv2bsecure

    luv2bsecure Infrequent Poster

    Joined:
    Feb 9, 2002
    Posts:
    713
    I hear you, makes sense to me. In fact, (as you know) we are having to buy a new car. I'm of the mind that if it gets you where you want to go, it's a keeper! Trace is of the mind that the neighbors might think we have fallen on tough times if we don't have an SUV. So, you are right, for the average user it probably doesn't matter a whit which eraser to use (as long as it works and DOES delete the files) as most people would be doing nothing more than wiping a browser cache full of ESPN banners, recipe site gif's and other similar exciting files.

    By the way, I didn't mean to start a new thread, I just wasn't thinking. If you want to move this down to Disk Wiping, feel free. My mistake!

    Have a good one!

    John
     
Loading...
Thread Status:
Not open for further replies.