[Cryptography] Ex-CIA Joshua Schulte Describes His Data/Crypto Hiding Prowess
Jerry Leichter
leichter at lrw.com
Wed Mar 4 06:52:36 EST 2020
> NSA/CSS STORAGE DEVICE SANITIZATION MANUAL
>
> https://www.nsa.gov/Portals/70/documents/resources/everyone/media-destruction/PM9-12.pdf?ver=2019-05-16-075903-503
There are at least two interesting comments in that manual:
1. "Solid state storage devices ... Power Removal: Sanitize DRAM (dynamic random-access memory), SRAM (static random-access memory), and Volatile FPGA by removing the power, including backup batteries. Once power is removed, sanitization is instantaneous."
Apparently some of the reported efforts at recovering RAM state are not considered meaningful threats.
2. Smart cards: "Strip Shredding: A strip shredder with a maximum width of 2 millimeters will destroy the microchip, barcode, magnetic strip and written information on the Smart Card. Smart Cards must be inserted diagonally into the strip shredder at a 45-degree angle for proper sanitization.
NOTE: A CROSS CUT SHREDDER WILL NOT SANITIZE SMART CARDS."
I don't recall any published information about recovering information from damaged cards. Clearly the NSA has done some work here. Note that cross-cut shredders *are* acceptable for diskettes and optical media.
Also worth noting that the NSA still mainly insists on physical destruction of hard disks. (An NSA-approved - likely very high powered - degausser is sufficient but even then they recommend physically damaging the disks themselves.)
-- Jerry
More information about the cryptography
mailing list