[svlug] 2 part Linux question

Bryan K. Watson bwatson at nettracers.com
Thu Jul 10 14:19:34 PDT 2003


On Thu, 2003-07-10 at 13:49, Scott Hess wrote:
...snip...
> Also, the encryption pass should remove entropy, ...snip...

I think you meant "increase entropy", as the apparent disorder and lack
of patterns within the data should increase with encryption.  The
optimal disorder being and even and truly random distribution of bit
patterns.  Entropy==increasing_disorder where
extropy==increasing_order.  

The DOD standard for alternating data patterns written to the media is
useful and works for all but the most intensive and expensive forensic
recover attempts (although I have never seen this level of recovery
succeed myself, even in paid recovery attempts).  Short of destroying
the media, applying a DOD wipe and then allowing the final wipe pattern
to sit on the drive for some time (until it becomes as obsolete as an
old RLL 5MB Hard Disk from the 80's) should allow the pattern to "drift"
to the neighboring parts of the media and obscure any old data memory
there.  



-- 
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- Bryan K. Watson   -   InfoSec Consultant   -   netTracers 
- bwatson at netTracers.com - www.nettracers.com - 1(877)HACK-NOW 






More information about the svlug mailing list