Full Disk Encryption = Wiping consequences.

Discussion in 'privacy technology' started by Fano effect3, Jan 22, 2008.

Thread Status:
Not open for further replies.
  1. Fano effect3

    Fano effect3 Registered Member

    Joined:
    Jan 22, 2008
    Posts:
    37
    Location:
    Amsterdam, Holland
    Since FDE encrypts unused disk space and all the disks space in general,
    this would make the use of wipe-tools like open source Eraser in theory
    no longer essential, but this wont keep anyone who has stolen your
    pre-boot password (or forcing it out of you) from restoring any of your
    previously deleted files which where not wiped. Ive tested it myself by
    first fully encrypting my disk and then normally delete some random
    files, then I checked the amount of restorable files, changed the
    pre-boot password, rebooted and checked again for restorable files and
    counted the files again and the numbers matched exactly, confirming this
    simple theory.

    So with a security and privacy prospective in mind, this solution is no
    longer as attractive as it first seemed, if you want to make sure your
    files are gone, a ++ solution would be a better idea but....

    My question is: Can one still remain using Eraser or likewise tools in
    conjunction with Full Disk Encryption without having as a consequence,
    data corruption due to the wiping of unused disk space and or file's in
    general.

    Ive done allot of direct searches on multiple security and privacy
    related forums like this one, without ever posting the direct question
    myself, because my credo when it comes to Internet information gathering
    is, don't post before you search, because it is irritating when forums
    are flooded by the same questions over and over that are already
    answered. This time I didn't came up with right answer to mine. Probably
    because text that has anything to do with these sort of peculiar
    subjects get removed or mysteriously vanish from web pages (not all),
    including google's cache, or when using particular search terms the
    results are deliberately made hard to find via search engines.
     
  2. ethernal

    ethernal Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    132
    Location:
    Stockholm, Sweden
    consider this:

    its easy to dig up several revisions of previously deleted files, hence encrypting your drive without wiping it first is useless since the unencpryted material is freely available. i usually generate blocks of 2gb openssl tables and write them randomly to disk, it works fine and the entropy is good enough.

    wiping from outside the encryption is useless, since the files are already heavily encrypted (i presume?) and wiping outside can possibly wreak havoc.

    if you're dead set on wiping your files, it would have to be inside the crypto...
     
  3. Fano effect3

    Fano effect3 Registered Member

    Joined:
    Jan 22, 2008
    Posts:
    37
    Location:
    Amsterdam, Holland
    I was talking about wiping files with tools like Eraser from inside the already Fully Encrypted Disk's operating system, and the possible consequences to file integrity and damage when using both. If it is possibility to use both without having this problem scenario, please reply. :)

    Because.

    Rephrasing : "Since FDE encrypts unused disk space and all the disks space in general,
    this would make the use of wipe-tools like open source Eraser in theory
    no longer essential, but this wont keep anyone who has stolen your
    pre-boot password (or forcing it out of you) from restoring any of your
    previously deleted files which where not wiped. Ive tested it myself by
    first fully encrypting my disk and then normally delete some random
    files, then I checked the amount of restorable files, changed the
    pre-boot password, rebooted and checked again for restorable files and
    counted the files again and the numbers matched exactly, confirming this
    simple theory."
     
    Last edited: Jan 22, 2008
  4. ethernal

    ethernal Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    132
    Location:
    Stockholm, Sweden
    well, running your disks in a crypto loop isn't supposed to help against recovering data if they have the correct key.

    so now, you'd have to wipe.

    the purpose of a loop is that without the key, the assailant can't access your files in case of you loosing your laptop, or similar scenario.

    as long as you wipe inside the loop, i forsee no problems.
     
  5. Fano effect3

    Fano effect3 Registered Member

    Joined:
    Jan 22, 2008
    Posts:
    37
    Location:
    Amsterdam, Holland
    I understand I have to wipe and what Cryptoloop is used for years before I started this topic, but it seems that you presume that when I'm talking about wiping unused disk space or individual files, I mean wiping the whole disk without leaving any file, or an operating system running. This is not the case! I would like to know if the use of tools like Eraser whilst having the disk fully encrypted remains to be possible without causing any damage of individual files or the overall file- systems integrity on the present encrypted disk. To put it simple, are they compatible together? Yes or no and why.
     
    Last edited: Jan 22, 2008
  6. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    I've used Eraser with WDE for a while with great success. No flaws yet.

    The operating system doesn't know the disk is encrypted and neither does the filesystem. Those things act transparently. Considering there are entirely independent actions, there shouldn't be any reason you can't wipe the files out. One must also assume that files deleted even under WDE are still as recoverable according to the way you deleted them. So if you normally just wipe it from the file table like a normal delete, and encrypt that, decrypted it is just as recoverable until the freespace is over-written. If you wipe it, and it is encrypted, and decrypted, it is assuredly lost. Just consider them independent events and the conclusion is obvious: if someone has your pre-boot password, they can decrypt the drive and try to do recovery against the "unused" (but previously encrypted) diskspace.

    So? Use eraser on sensitive files, and to a freespace erase periodically.
     
  7. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    I am awaiting the new truecrypt... they announced january 2008.
    Beside why wiping? Shift/Move all your files from one hd to another. So you don´t need to wipe in case you want to sell your harddisk.
     
  8. Fano effect3

    Fano effect3 Registered Member

    Joined:
    Jan 22, 2008
    Posts:
    37
    Location:
    Amsterdam, Holland
    Re:XeroBank

    I knew all this before I started the topic, The only reason for it was to get reassurance that when you erase the "unused disk space" and I mean particularly the unused space with a tool like Eraser on a FDE, it wont effect anything. I count this as a No, thank you for the clarification of things.

    P.S With Eraser I don't use the wipe "first and last 2k" with huge files or any, because it seems to effect my file system in a way that is becomes corrupt on the long run. Maybe because bad sector repair tools try to recover them or sees them as bad sector files. So its not directly Erasers fault.
     
    Last edited: Jan 22, 2008
  9. Fano effect3

    Fano effect3 Registered Member

    Joined:
    Jan 22, 2008
    Posts:
    37
    Location:
    Amsterdam, Holland
    Shif/move of unused space? Id rather use DBAN.
     
  10. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    Yes, my vote counts as a "No". And I use frequent pseudo-random data wipes of clear space.
     
  11. Fano effect3

    Fano effect3 Registered Member

    Joined:
    Jan 22, 2008
    Posts:
    37
    Location:
    Amsterdam, Holland


    Yes, I always used 1pass for unused space on systems who didn't use FDE regularly, but now I'm sure I can do it on the FDE ones also. And about 33passes pseudo-random for really privacy sensitive preselected files. (vote :) )
     
  12. ethernal

    ethernal Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    132
    Location:
    Stockholm, Sweden
    but if you understand what a cryptographic looping file system is, why do you keep asking the same questions :blink:

    as i've tried to explain, and as xerobank also said, the loaded operating system has no clue that anything odd is going on, it's transparently handeled.
    you can wipe, format, move, do whatever you want and it will react exactly the same as if it was a completely normal installataion (albeit a little bit slower)
     
  13. Fano effect3

    Fano effect3 Registered Member

    Joined:
    Jan 22, 2008
    Posts:
    37
    Location:
    Amsterdam, Holland

    First Don't blame me for you not fully understanding what this topic was all about!

    I didn't ask the same questions, but had to rephrase everything that you did not get. I did not receive straight answers from you, on the thing I was specifically referring to . Xerobank was able to give relevant answers because he seemed to understand what I meant. You were talking about definitions and other off-topic things. Maybe next time, reading more carefully and not jumping to conclusions, wont give this sort of miscommunication. :doubt:
     
    Last edited: Jan 23, 2008
  14. ethernal

    ethernal Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    132
    Location:
    Stockholm, Sweden
    *shrugs*
    i do apologize for being unclear. i tend to give specific answers to specific questions. not necessarily good answers, just correct answers :ouch:
     
  15. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    Sounds good hopefully truecrypt 5 will prove that.
     
  16. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,634
    Location:
    U.S.A. (South)
    Im comparison to the freeware utility RESTORATION of which many of you are surely already familiar with, does the same apply?

    And to draw an opinion, in your estimation is RESTORATION's "Delete Completely" just as effective as ERASER's wipe free space or no, and if not please point out those specific differences.

    Great topic and discussions, thanks

    EASTER
     
  17. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    Focusing on the wipe feature, operationally the difference really just seems to reside in the wipe methods applied by the two programs (random numbers then zeroes for Restoration, a number of defined protocols for Eraser). For current technology drives, if you're a government body with access to very significant resources, you might to able to pull out a difference, but even there it would be a shot in the dark. For anything less than recovery of some else's closely guarded state secrets, forget it. The end results are the same.

    There are other reasons for using one of these applications or a commercial package. However, that has to do with other features.

    Blue
     
  18. ethernal

    ethernal Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    132
    Location:
    Stockholm, Sweden
    at a first quick looksie i couldn't find what algorithms 'restoration' uses, but 'eraser' on the other hand uses the gutmann theory for erasing and that's pretty good in my book.
     
  19. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    I saw reference, attributed to the program author, to a description where he specifically mentioned "random numbers then zeroes" and that's a detailed as it gets. The zeroes I can confirm. The random numbers I assume, but are not needed.
    With current technology drives, it has no absolutely downsides aside from time spent on the process. However, it is overkill with respect to wiping the disk. It made some sense when the technology involved MFM/RLL encoded disks. That's no longer the case. It's not bad, it's just not required.

    Blue
     
  20. ethernal

    ethernal Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    132
    Location:
    Stockholm, Sweden
    i seem to remember somebody managing to resture up to 7 random layers of a hard drive, due to magnetic residue on the actual platters.

    obviously, this is really not needed for home users, and the tools that might be able to really dig deep aren't freely available. i agree it's overkill, but i still like having the capability. :)
     
  21. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    Not with current drive technology. People speculate that magnetic force microscopy or similar technology could work, but there are severe throughput issues even if the mechanics to perform it were readily available. For a reasonable discussion from an industry perspective, see here

    Blue
     
  22. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,634
    Location:
    U.S.A. (South)
    Thanks BlueZannetti for the input.

    So it seems BOTH programs function somewhat similarily in some respects, difference being ERASER is been fashioned to be multi-equipped with additional wipe methods intended strickly for wiping purposes whereas RESTORATION doubles as a file recovery program of sorts to attempt restoring of still recoverable files on disk, as well as overwriting files/clusters from already deleted material still identifiable as well as removing/changing references to the same of file name records.

    RESTORATION then can be said to be single dimensional in that respect to it's DELETE COMPLETELY method as opposed to ERASER'S several forms in which to select from.

    My purpose to this is always been performance GAIN with this routine, and contrary perhaps to popular belief, i certainly notice a snappier increase in responses all across the board after every complete run although occasionally LENGTHY process.

    Of course, that is but a brief short-lived measurable gain in that respect since accumalation of files begin yet again in earnest due to Windows own moving of files into that same delete area as well as user activity and any deleted/erased files also build up and add to it again. Is it at all practical to task disk activity repeatly like this on a daily or weekly basis this way? Maybe not. But depends on just how durable the hard drive componants can withstand this repeated wiping technique.
     
    Last edited: Jan 27, 2008
  23. dantz

    dantz Registered Member

    Joined:
    Jan 19, 2007
    Posts:
    994
    Location:
    Hawaii
    I'm curious about how you can obtain a noticeable performance increase merely by wiping the freespace, which is what I assume you are mainly doing. What is your protocol? Are you wiping the cluster tips? Do you follow the wipe with a defrag? Can the performance increase be measured?
     
  24. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,275
    Location:
    Here, There and Everywhere
    ethernal, Just to save you some time (35 passes takes a while!), even Gutmann himself says that with modern drives that his 35-pass method is no better than a few random passes.

    Epilogue to Secure Deletion of Data from Magnetic and Solid-State Memory by Peter Gutmann

    "In the time since this paper was published, some people have treated the 35-pass overwrite technique described in it more as a kind of voodoo incantation to banish evil spirits than the result of a technical analysis of drive encoding techniques. As a result, they advocate applying the voodoo to PRML and EPRML drives even though it will have no more effect than a simple scrubbing with random data. In fact performing the full 35-pass overwrite is pointless for any drive since it targets a blend of scenarios involving all types of (normally-used) encoding technology, which covers everything back to 30+-year-old MFM methods (if you don't understand that statement, re-read the paper). If you're using a drive which uses encoding technology X, you only need to perform the passes specific to X, and you never need to perform all 35 passes. For any modern PRML/EPRML drive, a few passes of random scrubbing is the best you can do."
    http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html
     
  25. ethernal

    ethernal Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    132
    Location:
    Stockholm, Sweden
    funny how people quote me without reading what i said. i'm not saying you should use it, i'm saying "i like to have the capability". that does NOT automatically mean i use it all the time.

    7 pass random data is more than enough for anyone.
     
Loading...
Thread Status:
Not open for further replies.