Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 28 Nov 2003 00:14:49 -0800
From:      Wes Peters <wes@softweyr.com>
To:        "Poul-Henning Kamp" <phk@phk.freebsd.dk>, Stefan =?iso-8859-1?q?E=DFer?= <se@freebsd.org>
Cc:        freebsd-hackers@freebsd.org
Subject:   Re: "secure" file flag?
Message-ID:  <200311280014.49356.wes@softweyr.com>
In-Reply-To: <32476.1069741443@critter.freebsd.dk>
References:  <32476.1069741443@critter.freebsd.dk>

next in thread | previous in thread | raw e-mail | index | archive | help
On Monday 24 November 2003 10:24 pm, Poul-Henning Kamp wrote:
> In message <20031124235738.GA4107@StefanEsser.FreeBSD.org>, Stefan
> =?iso-8859-1
>
> >And that is what this thread is about: Secure removal of data from
> >storage media. There definitely is a difference between RLL (as in
> >1,7i RLL) and modern PRML drives under this aspect.
>
> No there isn't.
>
> It's been proven again and again that you cannot reliably overwrite
> data on a magnetic media.  In particular the difference in read/write
> geometry and lack of fine control over head placement makes this
> impossible.
>
> The only reliable way to loose data is to encrypt them and throw the
> key away.

This is the conclusion I came to after pushing the idea around for months.

If you want an interesting problem to work on, come up with a solution to 
the keying problem for disk encryption.  It somehow needs to allow 
automated, unattended reboots during "normal" operations but prevent 
attackers from compromising the system.  Maybe you could have the system 
send an SMS message when it needs a key, you reply with a one-time key 
from your mobile phone?

While you're in there, paint that bikeshed blue.

-- 

        Where am I, and what am I doing in this handbasket?

Wes Peters                                               wes@softweyr.com



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200311280014.49356.wes>