[svlug] 2 part Linux question

[Sanatan Rai]

: I guess I don't understand what that gets you.  You don't want to add a
: derivable signal, because an attacker could use it to model the impact
: very precisely.  A cryptographically secure pseudo-random signal is a
: known signal (you can precisely repeat it at will), but would be
: impossible to derive.  So I think that's a great improvement over anything
: that might repeat or that the attacker may be able to forecast after some
: analysis.

	I was thinking from the `signal processing' point of view.

: I don't think a good case can be made for an additional class between
: writing random data to the drive and scrubbing it.  It's like adding 9's
: to uptime.  Simple reformat is 90% effective, randomize is 99.999%, scrub
: is 99.999999%, and physically destroying the drive is probably not
: worthwhile to protect data for most individuals.  [Yes, I just made those
: numbers up.  I figure there are maybe a couple dozen groups who could
: overcome a randomized drive, and maybe 2 or 3 groups who could overcome a
: scrubbed drive.]

	This brings me to the question: are there well documented
instances of data retrieval from scrubbed or erased drives? It appears
to me that the capability attributed to the NSA or the FBI is primarily
folklore. I am not terribly impressed with someone with the authority to
put habeas corpus at bay as far as these issues are concerned. A
physicist at Princeton perhaps, provided he has published his work.
Otherwise one is just assuming that because it seems theoretically
possible these fellows should be able to do it.

--Sanatan

-- 
Sanatan Rai,                      | EMail: sanat at stanford.edu
Dept. of Management Sc. & Engg.   | Home: 143D Escondido Village,
Stanford University,              |       Stanford, Ca 94305.
Stanford, Ca 94305.               | 'phone: (650) 498 1655 (R)
                                  |         (650) 736 2109 (O)