Business Centre Home  
ServersPCs and componentsNotebooksStoragePrintersPDA/PhoneSoftware/ApplicationsSecurityNetworkingInternet/Comms
Site Map | Newsletter | RSS
Search

Home
Breaking News
category
Servers
PCs and components
Notebooks
Storage
Printers
PDA/Phone
Software/Applications
Security
Networking
Internet/Comms
marketplace
compare prices
browse
Reviews
Features
In the labs
Downloads
A-List
Labs Winners
Recommended
newsletter
Register your email for our weekly roundup of business news, product reviews and articles that matter to business.
about us
advertise
contact us
magazine
how we test
Site map
Feedback
  
Home > Security > Security: Business Supplement

Security: Business Supplement

      Print this story

<< Previous    Next >>

 
Extreme data erasure

One question I’m asked a lot these days almost everywhere I go is “how do you securely erase data before disposing of a computer?” My answer is somewhat reminiscent of Jon Honeyball’s infamous network-resilience chainsaw test; namely, “using my random axe”, although I guess that requires some explanation. Way back in 1999, Sun Microsystems founder Scott McNealy was asked at a press conference about the failure of his newly launched system to protect a consumer against being tracked when connected to a network, and he replied “you have zero privacy, get over it!”

In the eight years that have passed since then, nothing has changed for the better, despite improvements in encryption technology, mainly because such improvements have been matched by equivalent advances in malware. In particular, by the rise of the clandestine spyware application, which has been nothing short of spectacular. When it comes to privacy on the internet, no matter what you do to reduce your online footprint, the only truly foolproof way to prevent your data trail being spread far and wide is never to go online – in fact, never even to switch your PC on at all. Sure, you can minimise the impact of your travels and shrink your footprint somewhat by treading lightly within your browser client, routing all requests via an anonymous proxy, deleting locally held history and temporary internet files and so forth. But you can’t erase that footprint completely: it isn’t possible to traverse the web like a ghost if you expect to be able to do anything vaguely useful or interesting while there.

They ARE out to get you

Why am I deliberately inflaming your already-paranoid anxieties about privacy? Simply because in this evermore connected world, it’s all too easy to focus solely on the issue of online privacy and to forget that one of the staples of the identity fraudster’s diet lies far closer to home, right on your desk in fact. Your PC, or rather its hard drive and any other external storage device attached to it, is the single most valuable component in your data-gathering cycle. It’s where your digital identity resides, containing everything you are and everything an identity thief (or a corporate competitor, or even just a nosy neighbour) needs to extract the essential “you” from “it”. Sell your PC, or its old and defunct external drive, or the old hard drive you’ve just upgraded, and you’re almost certainly selling some of your data along with it. Take your PC to the local dump for recycling – which is wholly to be encouraged by the way, so please don’t let this scare you off recycling your IT kit – and your data stands a good chance of being recycled, too, even if you deleted all the personal files or formatted the drive before disposal.

The problem lies in the way the operating system deals with such files: instead of physically removing the data, it merely erases the pointers to that data, thus rendering it invisible to the user and other applications, and enabling them to overwrite their own data into that now “unused” space. But it’s only invisible until someone with the right tools attempts to see it, which is how data-recovery software works. It isn’t rocket science – such software just opens the logical path where the deleted file used to be to discover the disk sectors where the data will still reside unless it happens to have been overwritten. This can be achieved as simply as searching for some known text string, filename or even file type – hugely handy when you accidentally format your digital camera’s storage card, and enabling you to successfully recover most if not all of the images you thought you’d lost. But it’s equally handy for someone examining the hard drive of the second-hand computer they just bought on Ebay or courtesy of some recycling scheme...

Security shot to pieces

If you talk to certain ex-members of the security services in the US, they’ll happily tell you their standard method of decommissioning a hard drive is to shoot it full of holes: what’s known in the trade as a “dead granny” after a popular (but not factual) tale. However, that drive isn’t the only thing that’s full of holes, because their belief that the data held upon it is now safe from recovery is similarly perforated. I’ve been present in the clean room of a professional data-recovery operation and watched computers that have been under water for days, incinerated beyond recognition in fires, or even crushed under falling masonry, and yet their data could still be successfully recovered. Techniques like Magnetic Force Microscopy (MFM) and Magnetic Force Scanning Tunnelling Microscopy (MFSTM) can be used in such extreme circumstances to grab an image of the magnetic field at the surface of the disk by measuring the force gradient as a function of position when a magnetic tip attached to a cantilever is moved across its surface. I’ll admit your average identity thief or opportunistic hard drive explorer isn’t going to have either the funds or the technical training to operate MFM hardware, but the example serves to show that raw data can be retrieved if it’s deemed valuable enough.

The more alert among you will have caught on by now that the crucial factor determining how much data can be recovered is directly proportional to how much of that data has already been overwritten. So whereas the golden rule of data disaster recovery is always “don’t do anything that might overwrite your original data” (including, ironically enough, installing a newly purchased data-recovery program, as installing that might easily overwrite the data you’re hoping to save), the reverse principle holds for secure data disposal: “do everything you can to overwrite your data in as random a fashion as possible.” Typically, this will involve replacing the original data with a totally random string of bits, and most data shredders can achieve this by making a single pass of the file concerned.

Of course, if the original data is overwritten only once, or even twice for that matter, it remains relatively easy to recover from an expert’s perspective, because they’ll subtract what they expect to be able to read from what’s actually being read. Consider, for example, the sentence “the haumn mnid deos not raed ervey lteter by istlef, but the wrod as a wlohe, which is why yuo can raed this” and you’ll get the idea. Computer software isn’t as clever as the human brain, but it can still guess what the original data would have been if only a small part of it’s been overwritten. That’s why the official US Department of Defense “file sanitization directive” standard requires three passes for data erasure. Naturally enough, the NSA and our own intelligence services are far more paranoid, demanding a seven-pass bleaching of data (when they’re not leaving their laptops in the backs of taxis, that is).

Data that’s been overwritten randomly a large number of times can still be recovered – remember there’s no such thing as 100% security – so long as new data hasn’t compounded the puzzle by being written to exactly the same original location. But you can make life so difficult for would-be data thieves, not to mention so expensive, that unless you lead a very, very interesting life indeed nobody is going to bother trying. That’s why my erased data is more trashed than secret squirrel’s – I routinely employ a free application called Eraser (www.heidi.ie/eraser), which lets me use the Gutmann 35-pass methodology, but even that isn’t safe enough for me. To make life really difficult for the potential data thief, whenever I physically dispose of a computer I always remove the hard drive before taking it to the recycling centre – they only get the rest of the computer, while I let Gutmann have a first go at trashing the data before getting out a large woodsman’s axe. Clever random data overwriting combined with this brute force smashing of the disk platters with the axe allows me to sleep at night knowing that the secrets of my hard drive won’t fall into the wrong hands.

Index
1. Introduction
2. Extreme data erasure
3. Cisco Catalyst 3750G
4. Kaspersky Enterprise Space Security 6
5. Sony IPELA SNC-RX550P
6. Panda Malware Radar
7. Juniper Networks SSG 5
8. Check Point UTM-1 450
9. Finjan Vital Security NG-1100
10. Introduction to SC
11. Protection... in a flash
12. Paul Ockenden’s guide to burglary

<< Previous    Next >>

 
      Print this story

Related Features
Silverlight for Business
Advanced networking for small business
Small business security
Communication revolution: Why go VoIP?
Can you run your business on Google?
The science of appliance
How James Bond would wipe his hard drive
Interview: Virus protection for 2007
Why we need hackers
Office 2007: Fit for business?


A LIST - the best of the best
Recommended
Recommended
Printers

HP Color LaserJet CP3505x

Recommended
Recommended
Printers

Brother HL-4040CN

Recommended
Recommended
Networking

Clearswift MIMEsweeper CSW250

Recommended
Recommended
Storage

HP StorageWorks Ultrium 1840

Recommended
Recommended
Servers

Evesham SilverEDGE 1000SL