<OT> As if I wasn't paranoid enough... / General Chatting / Forums

Forums

4hv.org :: Forums :: General Chatting

« Previous topic | Next topic »

<OT> As if I wasn't paranoid enough...

Move Thread

LAN_403

Conundrum

Thu Nov 26 2009, 12:43AM

Registered Member #96 Joined: Thu Feb 09 2006, 05:37PM
Location: CI, Earth
Posts: 4061

Hmm.
What to do? If I destroy my old drive(s) with a hammer this would look suspicious.

Maybe the answer is to borrow someone's high temp. kiln and melt them into slag?

(btw I usually dismantle them and keep the platters for random experiments, but in theory the data could be recovered)

Interestingly, there is an issue here with genuinely lost keys or corrupted media. If the files on a burned DVD can't be read due to old age then could this be seen as "failure to provide the key"?

(quickly microwaves then shreds his collection of coasters..)

I hate the way the Govt has turned the "War on Terror" into a general rights land grab. Call me cynical if you like but the whole thing stinks of totalitarianism.

-A

Yes I am in Guernsey, unlike the UK we have an ELECTED Govt.

aonomus

Thu Nov 26 2009, 01:21AM

Registered Member #1497 Joined: Thu May 22 2008, 05:24AM
Location: Toronto, Ontario, Canada
Posts: 801

Get a camera, a few friends and beers, film a video, put it on youtube.

Plausible deniability, you could even post it as a video reply to older hard drive destruction videos.

wylie

Thu Nov 26 2009, 06:29AM

Registered Member #882 Joined: Sat Jul 07 2007, 04:32AM
Location:
Posts: 103

Once you have a legitimate reason to be afraid, cynicism and paranoia become a legitimate response.

Chris Russell

Thu Nov 26 2009, 06:36AM

... not Russel!
Registered Member #1 Joined: Thu Jan 26 2006, 12:18AM
Location: Tempe, Arizona
Posts: 1052

Conundrum wrote ...

Interestingly, there is an issue here with genuinely lost keys or corrupted media. If the files on a burned DVD can't be read due to old age then could this be seen as "failure to provide the key"?

Never store or mark encrypted data as such. Properly encrypted data should be indistinguishable from random data, and so should be marked as such. As far as anyone is concerned, this is just a sample of thermal noise you pulled from a resistor. Provided you've taken appropriate steps to ensure your system leaves no trace behind that would prove otherwise (think swapfile, hibernation file, temp files, registry traces, logs kept by the system or other programs, etc), this should provide enough plausible deniability to establish reasonable doubt, in nations that adhere to that standard of proof.

wylie

Thu Nov 26 2009, 06:42AM

Registered Member #882 Joined: Sat Jul 07 2007, 04:32AM
Location:
Posts: 103

just a sample of thermal noise you pulled from a resistor

I propose we start a ThermalResistorNoise@Home distributed computing project. *wink*

in nations that adhere to that standard of proof

Hmmm, sort what people are worried about. We still got that bothersome lil shield in place, but for how long?

EDIT: I mean ASBOs, cmon. no due process, crazy consequences for non-compliance. Just Peachy. And TOTALLY LEGAL.

"I was expecting Hoodies. Happy Slappy Hoodies with ASBOs. And Ringtones." -Doctor Who (The Tenth Doctor)

Nicko

Thu Nov 26 2009, 10:05AM

Registered Member #1334 Joined: Tue Feb 19 2008, 04:37PM
Location: Nr. London, UK
Posts: 615

Its not that straightforward (in the UK at least). Amongst other things, I used to be responsible for security for a largish public finance company - the destruction of hard drives etc. was part of general day-to-day activity - we used the same disk shredding company as the police (they turn the drives into granules).

Destroying hard drives per se is not a crime - refusing to release keys or decrypt a known encrypted partition or container file when requested as part of a legal investigation is.

This guy was obviously very keen - to use stenography on an already encrypted file is a bit of overkill - if you want to hide a container, don't use a file, use an encrypted partition or similar instead - we did this when sending 2.5" hard drives to lawyers etc.

There are several free tools for this, as well as a number of commercial ones - Bruce Schneier has a number of papers on plausible deniability which are definitely worth reading.

Note that some free tools have had problems in the past where they left a recognisable signature bit pattern in encrypted partitions, i.e. it was possible to determine that a partition was NOT random data, but indeed encrypted, although the keys were still unavailable - such a signature then renders the defence of plausible deniability untenable.

BTW. Trying to destroy a hard drive with a hammer is NOT enough. You would be astonished what a determined agency with good funding can get off even shards of platters... not to mention residual charges in the drive's cache...

Steve Conner

Thu Nov 26 2009, 06:29PM

Registered Member #30 Joined: Fri Feb 03 2006, 10:52AM
Location: Glasgow, Scotland
Posts: 6706

I never encrypt any of my data, whether it's private or work-related. Not because I'm afraid of Big Brother, but because I'm afraid of forgetting the key!

In your case Conundrum, I think you're flattering yourself if you think the police care enough about you to kick your door down and haul you and your coaster collection off to Room 101.

Nicko

Thu Nov 26 2009, 06:58PM

Registered Member #1334 Joined: Tue Feb 19 2008, 04:37PM
Location: Nr. London, UK
Posts: 615

Steve McConner wrote ...

I never encrypt any of my data, whether it's private or work-related. Not because I'm afraid of Big Brother, but because I'm afraid of forgetting the key!

I'm more afraid of the container becoming corrupt, and therefore being completely fubar, i.e. losing everything.

The other thing about using whole-drive encryption or similar, is that the performance generally sucks... I reckon we lose about 30% of disk throughput even on decent machines - I'm typing this on my laptop - a Dell D630C with 4Gb of RAM and XP pro 64 - A core2 duo running at 2.2GHz, so a reasonable laptop. Adding whole disk encryption (BeCrypt in this case) makes it a bit of a dog. I use Acronis to back it up, and next time will probably just stick to container rather the boot disk encryption.

What may make this interesting is the recent availability of solid state drives for laptops etc. at reasonable rates. e.g. Crucial (retail arm of Micron) have a 2.5" 120Gb drive at about USD 380.

BTW. Here's a valuable, quick hint about Crucial - If you don't create an account and log in, you will only get shown list prices - log in, and everything drops by a whole bunch.

Conundrum

Thu Nov 26 2009, 09:45PM

Registered Member #96 Joined: Thu Feb 09 2006, 05:37PM
Location: CI, Earth
Posts: 4061

hmm., i came up with an interesting idea today. Induction heater.

Should raise the drive's platter temp way above the Curie point in under a second... :)

oh, and..

Expect a lot of pubs in the UK to go under due to this.

-A

Moderator(s): Chris Russell, Noelle, Alex, Tesladownunder, Dave Marshall, Dave Billington, Bjørn, Steve Conner, Wolfram, Kizmo, Mads Barnkob