[svlug] 2 part Linux question

Sanatan Rai sanat at stanford.edu
Fri Jul 11 21:10:50 PDT 2003

: I guess I don't understand what that gets you.  You don't want to add a
: derivable signal, because an attacker could use it to model the impact
: very precisely.  A cryptographically secure pseudo-random signal is a
: known signal (you can precisely repeat it at will), but would be
: impossible to derive.  So I think that's a great improvement over anything
: that might repeat or that the attacker may be able to forecast after some
: analysis.

	I was thinking from the `signal processing' point of view.

: I don't think a good case can be made for an additional class between
: writing random data to the drive and scrubbing it.  It's like adding 9's
: to uptime.  Simple reformat is 90% effective, randomize is 99.999%, scrub
: is 99.999999%, and physically destroying the drive is probably not
: worthwhile to protect data for most individuals.  [Yes, I just made those
: numbers up.  I figure there are maybe a couple dozen groups who could
: overcome a randomized drive, and maybe 2 or 3 groups who could overcome a
: scrubbed drive.]

	This brings me to the question: are there well documented
instances of data retrieval from scrubbed or erased drives? It appears
to me that the capability attributed to the NSA or the FBI is primarily
folklore. I am not terribly impressed with someone with the authority to
put habeas corpus at bay as far as these issues are concerned. A
physicist at Princeton perhaps, provided he has published his work.
Otherwise one is just assuming that because it seems theoretically
possible these fellows should be able to do it.


Sanatan Rai,                      | EMail: sanat at stanford.edu
Dept. of Management Sc. & Engg.   | Home: 143D Escondido Village,
Stanford University,              |       Stanford, Ca 94305.
Stanford, Ca 94305.               | 'phone: (650) 498 1655 (R)
                                  |         (650) 736 2109 (O)

More information about the svlug mailing list