John H. Robinson, IV
jhriv at ucsd.edu
Fri Nov 8 16:22:42 PST 2002
For now I'll concentrate on data hygiene and on-line anonymity. Why?
because your Linux box is literally peppered with data traces indicating
the Web sites you've visited, the files you've uploaded and downloaded,
and every file you've recently accessed. You think encryption is the
way to go? Think again. It's only as private as your passphrase is
strong. It may be impractical for a remote attacker to crack it, but a
brute-force attack is quite plausible for someone who has physical
possession of your box and plenty of time. Like a police forensics lab,
yes, lan pointed out this article. i wanted to add that the scripts that
were being offered, http://theregister.co.uk/media/945.gz are complete
all they do is copy /dev/urandom onto the free space (by making a new
file) or the swap space or the hard drive itself. the problem is, a
police foresics lab can read the magnetic traces of what was there
before. to make a secure wipe, you have to use a pattern of digits, it
works out to be about fourteen complete passes or so.
something a bit above what this very simple script does. beware of snake
oil, and the false sense of security it buys you.
i rate the article a 2 on a scale of 10.
More information about the KPLUG-List