[Cryptography] Photon beam splitters for "true" random number generation?

Kevin W. Wall kevin.w.wall at gmail.com
Mon Dec 28 11:24:55 EST 2015


On Thu, Dec 24, 2015 at 6:09 AM, Jerry Leichter <leichter at lrw.com> wrote:
>> patrick at laptop:~$ gpg --print-md sha256 scattered_leaves.jpg
>> scattered_leaves.jpg:
>> 171E2552 72B2FB96 94BBB675 9B3203A1
>> ED799567 1A808711 25E54D12 B106DCDA
>>
>> # Then FWIW:
>> patrick at laptop:~$ shred -u scattered_leaves.jpg
> In the interest of paranoid completeness:  If your computer has an SSD rather
> than a traditional magnetic disk, shred won't actually destroy the data - its
> writes will simply go to new blocks on the SSD, and the old blocks will go
> onto an internal, inaccessible list for later cleaning and reuse.  Or perhaps
> it was detected as beginning to fail and got moved onto the internal bad block
> list, where no ordinary use of the device will ever touch it again.
>
> In fact, short of physical destruction, there's no effective way to ensure
> that data written to an SSD is really gone.  (The latest version of MacOS
> recognizes this fact, and that almost all Macs sold today have only SSD's for
> storage, and its Disk Utility program no longer offers a "secure erase"
> function, as it has no way to implement it that actually *is* secure.)

Jumping in late here b/c of the holidays. Actually, if I'm not mistaken,
I think the whole concept of "secure delete" at the _file_ level can no
longer be guaranteed for any file system that is a journaling file system.
Rather than overriding the data blocks, the writing of random data
simply writes to the "journal", so unless you can guarantee that you first
fill up this journal, any secure delete may not have done what you think
it has. And most of the OSes today typically use some sort of journaling
file system, which means that any "secure delete" mechanism that
actually works really must work at the _file system_ level rather than
the individual _file_ level, and that generally requires some sort of
privileged access.

Otherwise, Jerry's comments are all spot on, but the problem he
mentioned likely goes beyond _just_ SSDs unless you are running
some ancient file system type like FAT32 where then you have a
whole different set of security problems (such as enforcement
of permissions in a multi-user environment).

-kevin
-- 
Blog: http://off-the-wall-security.blogspot.com/
NSA: All your crypto bit are belong to us.
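The two failure modes raised in this exchange (flash wear-levelling and journaling or copy-on-write filesystems) can be checked before anyone runs `shred` on a file. The following script is an added example, not part of the thread and not a tool either poster mentions; it assumes a Linux host with `/proc/mounts` and the sysfs `queue/rotational` flag, and its list of journaling/copy-on-write filesystem types is an assumed, non-exhaustive, deliberately conservative set.

```python
"""Pre-flight check: can file-level overwriting (shred-style) be trusted here?

Added example, not from the mailing-list thread. Flags the two cases the
thread describes:
  * the file sits on a non-rotational (flash) device, where wear-levelling
    sends overwrites to fresh blocks instead of the original ones;
  * the file sits on a journaling or copy-on-write filesystem, where the
    overwrite may land in the journal or a new extent.
Assumes Linux: /proc/mounts for the mount table, /sys/class/block for the
rotational flag. The filesystem list is an assumption and not exhaustive.
"""
import os
import sys
from typing import NamedTuple, Optional, Tuple

# Assumed, conservative list: any of these is treated as "file-level shred not
# guaranteed", without distinguishing journaling modes (e.g. ext4 data=ordered).
JOURNALING_OR_COW = {
    "ext3", "ext4", "xfs", "jfs", "reiserfs", "btrfs", "zfs",
    "f2fs", "nilfs2", "apfs", "ntfs",
}


class Verdict(NamedTuple):
    safe: bool
    reasons: Tuple[str, ...]


def classify(fstype: str, rotational: Optional[bool]) -> Verdict:
    """Combine device type and filesystem type into a verdict."""
    reasons = []
    if rotational is False:
        reasons.append("non-rotational (flash) device: wear-levelling remaps overwrites")
    elif rotational is None:
        reasons.append("device type unknown: assume flash-backed")
    if fstype.lower() in JOURNALING_OR_COW:
        reasons.append(f"{fstype} is journaling/copy-on-write: overwrite may miss the original blocks")
    return Verdict(safe=not reasons, reasons=tuple(reasons))


def find_mount(path: str, mounts_text: str) -> Optional[Tuple[str, str, str]]:
    """Return (device, mountpoint, fstype) of the longest mount prefix for path.

    mounts_text is in /proc/mounts format; passed in so it can be tested offline.
    """
    target = os.path.abspath(path)
    best = None
    for line in mounts_text.splitlines():
        fields = line.split()
        if len(fields) < 3:
            continue
        device, mountpoint, fstype = fields[:3]
        mountpoint = mountpoint.replace("\\040", " ")  # /proc/mounts escapes spaces
        prefix = mountpoint.rstrip("/") + "/"
        if target == mountpoint or target.startswith(prefix):
            if best is None or len(mountpoint) > len(best[1]):
                best = (device, mountpoint, fstype)
    return best


def rotational_flag(device: str) -> Optional[bool]:
    """Read sysfs queue/rotational for a block device (partition or whole disk)."""
    name = os.path.basename(os.path.realpath(device))
    sys_path = os.path.realpath(f"/sys/class/block/{name}")
    # Partitions have no queue/ dir of their own; the parent disk does.
    for candidate in (sys_path, os.path.dirname(sys_path)):
        try:
            with open(os.path.join(candidate, "queue", "rotational")) as fh:
                return fh.read().strip() == "1"
        except OSError:
            continue
    return None


def check(path: str) -> Verdict:
    """Live check for a path on this host."""
    with open("/proc/mounts") as fh:
        mount = find_mount(path, fh.read())
    if mount is None:
        return Verdict(False, ("no mount found for path",))
    device, _, fstype = mount
    rot = rotational_flag(device) if device.startswith("/dev/") else None
    return classify(fstype, rot)


if __name__ == "__main__":
    for target in sys.argv[1:] or ["."]:
        verdict = check(target)
        status = "file-level overwrite plausible" if verdict.safe else "NOT guaranteed"
        print(f"{target}: {status}")
        for reason in verdict.reasons:
            print(f"  - {reason}")
```

Run it against the file you intend to shred; a "NOT guaranteed" result means erasure has to happen at the device or filesystem level (full-disk encryption with key destruction, or vendor secure-erase on the whole device), as the thread concludes.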

