[Cryptography] Secure erasure
Kent Borg
kentborg at borg.org
Fri Sep 9 15:22:39 EDT 2016
On 09/09/2016 01:47 PM, John Denker wrote:
> All the «secure erasure» routines I've seen appear just as fatally flawed
Most of the "secure erase can't work" in this thread seems equivalent to
"memory can't be trusted". Indeed, there is a lot of reason to mistrust
hardware. Okay then, do you dare do any cryptography at all in your
hardware? If so (big if), then how to do a secure erase becomes a
sensible question.
Whether the hardware is trustworthy maybe isn't completely binary;
systems like to cheat for efficiency's sake and not because they are evil,
which is why I like writing something more interesting than just
zeros. Give the hardware more to chew on to try to get it to actually do
the chewing.
> Here's the image that comes to mind:
> http://haha-business.com/i/_interface/epic-fail-photos-security-fail.jpg
Cute picture, and though it might be a security fail, it might not be a
legal fail. A little like locking just a screen door: it won't stop a
forced entry but it turns it from something that might be no offense at
all into "breaking and entering", possibly a full crime. Legal
deterrence does have value.
Trespass, similarly, can turn on whether notice is given. People like to
tear down no trespassing signs and say they didn't know. Tearing down
this would take a little time and probably hit a dollar threshold
designed to elevate the vandalism offense. And having a path might be
pretty clever, a way to lead would-be trespassers to the prominent
notice, without littering signs every few meters--each then easy to
remove and again claim "Oh, I didn't know."
-kb
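
The idea in the post of overwriting with something more interesting than zeros, sketched as an added example (not code from the original post or from anyone in the thread). The function name `pattern_erase`, the xorshift32 pattern generator, the read-back step and the final zero pass are assumptions chosen for illustration; the `volatile` accesses only keep the compiler from eliding the stores and say nothing about copies held in registers, caches or swap.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* xorshift32: a cheap non-cryptographic generator, used only to make the
 * overwrite pattern non-constant. State must be non-zero. */
static uint32_t xorshift32(uint32_t *s)
{
    uint32_t x = *s;
    x ^= x << 13;
    x ^= x >> 17;
    x ^= x << 5;
    return *s = x;
}

/* Overwrite buf with a varying pattern, read it back, then leave zeros.
 * Returns 0 if every byte read back as written, -1 otherwise. */
int pattern_erase(void *buf, size_t len, uint32_t seed)
{
    volatile unsigned char *p = buf;  /* volatile: accesses may not be elided */
    uint32_t s = seed ? seed : 1u;
    int ok = 0;
    size_t i;

    for (i = 0; i < len; i++)         /* pass 1: write the pattern */
        p[i] = (unsigned char)xorshift32(&s);

    s = seed ? seed : 1u;             /* replay the same sequence */
    for (i = 0; i < len; i++)         /* pass 2: read back and compare */
        if (p[i] != (unsigned char)xorshift32(&s))
            ok = -1;

    for (i = 0; i < len; i++)         /* pass 3: final state is all zero */
        p[i] = 0;
    return ok;
}

int main(void)
{
    unsigned char key[32];            /* constructed sample secret */
    memset(key, 0xA5, sizeof key);
    int rc = pattern_erase(key, sizeof key, 0x9E3779B9u);
    printf("verify=%d first=%u last=%u\n", rc, key[0], key[31]);
    return rc;
}
```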