[liberationtech] Forbes recommends tools for journalists
Michael Rogers
michael at briarproject.org
Mon Dec 17 13:42:13 PST 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 17/12/12 20:12, Danny O'Brien wrote:
> I think these days you have to tie Forbes' (good) advice not to
> save everything with an encouragement to use full disk encryption.
> We're in an awkward space right now where we can't fully guarantee
> that data gets deleted off a modern flash (SSD) drive, even with
> previously strong deletion tools. And forensics software is good
> enough to pick up a lot of local clues about what you've used your
> own computer for, even if you think you've turned off all logs and
> removed the saving of sensitive data. Minimize what you record, but
> also encrypt.
Sorry to go off on a tech tangent after you've rightly pointed out
that this isn't simply a matter of choosing the right tech, but I'd
like to ask the list for a bit of advice regarding secure deletion
from SSDs.
Secure deletion is a problem we could solve in software, by encrypting
the data and then destroying the key to render the data unrecoverable,
*if* we had a few bytes of persistent, erasable storage in which to
store the key. (Storing the key on the SSD itself doesn't work,
because then we can't securely delete the key.)
I'm not aware of any suitable storage on current smartphones or
personal computers, so we may need to ask device manufacturers to add
(simple, inexpensive) hardware to their devices to support secure
deletion.
So I have two questions for the list: who should we try to persuade,
and how should we persuade them?
Cheers,
Michael
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iQEcBAEBAgAGBQJQz5G1AAoJEBEET9GfxSfMFSoH/jQ0HtBhP2bDhYLGGXk7ESU1
onC5tMBFUvvQzsqmVeV/HmEciW+WPeJ942Oek7r0DEWiBseFF3tMzquG/Yc4pURn
hYaRNlEjIzPFyZ+9kXiU7cUwGozoThKw+CxwBB4LKSEOSlqn28EmPGsKG59seDrS
3PJtqPcYKCWqKXmhIu3Hzc3Zn5dsRKeWZYmv9nQm40kj3YrR4OPoz/roCT72OUDu
E/SRCmd/zgDSy556OJ8U0xu3KNU9JLebWxYV+HRfAyctbjCnDP63LD+ABjKr+lTn
lQnvXB9rJtB/yzyewiG++ZlT7bpzLZ5L5hI1UkHv8Udqyfnp463Azq88Plbi5MY=
=9K1+
-----END PGP SIGNATURE-----
More information about the liberationtech
mailing list