Government Legislation Regarding Erasing of Data...
mred2000
... Does it exist?
Apparently so:
robertcrowther wrote: »All software that is available to the public that erases data leaves a fingerprint (id) on the hard disk/usb stick, this is a requirement in law and any software that does not is not permitted.
However, this then raises the question:
Could you show me where in the Linux kernel this is implemented?
So, has anyone heard of this legislation before now and has anyone got links to any solid information regarding it?
Comments
That's what I would've thought. A supposed expert has mentioned it so I'm surprised that more of us weren't aware of it...
To start off with the basic understanding read: http://link.springer.com/chapter/10.1007/0-387-36891-4_15
My company used to provide that service but we stopped when it became easy for anyone to perform this with free software.
That's just what Gutmann theorised though, as discussed in the other thread. It even references his paper. Where's the Government regulation, and which Government(s) would that be anyway?
Not that I think this deserves its own thread, it doesn't, IMO, it just seems to be one poster having a go at another.
I've posted the link so that people who've not read about this subject before can get an understanding of what's going on before making comments.
You should read up on people like M. Geiger and L. Cranor, who are Counter-Forensic Privacy Tools experts rather than keep saying about Gutmann.
it would have to exist in every country in the world for it not to fall foul of the DP legislation where it didn't exist.
i blame the reverse vampires and the bilderberg group.
Until someone comes up with something solid proving otherwise, and not an exercise of dancing around gardens, this is enough for me.
Since I started coming to this forum, flagpole is one of many posters who has repeatedly given me (as well as many others on a daily basis) good advice and shared knowledge, often backing this up with links to sites etc. Hence I trust what he has to say on this matter.
Unless someone gives actual solid proof of this legislation existing...
i was reading about the wikileaks marine and the us military worked over his computers and they could see he'd done some wiping but they were unable to view what was written to the disk before but they didn't give details of the wiping methods used so it's hard to say what happened
http://reports-archive.adm.cs.cmu.edu/anon/isri2005/CMU-ISRI-05-119.pdf
Basically, it says that "just overwriting the data once presents a major obstacle to recovery".
Purchase on Springer.com £19.95 / $29.95 / €24.95 *
Buy now
Or buy the complete ebook £97.00 / $139.00 / €113.04 *
* Final gross prices may vary according to local VAT.
Log in to your account to check if you already have access to this content."
You could always enrol onto a Uni course if you want to learn, or have you never paid for your education?
You are obviously not very successful in IT if you can't afford £20.
Have you got anything newer than a 7-year-old paper?
I've read this before.
they are dealing with a slightly different scenario. secure erasure from an in use hard disk of specific files.
they do indeed conclude that just overwriting the data once presents a significant obstacle to recovery. but importantly where that failed. it wasn't because that data wasn't erased. it was because in using the operating system and applications certain temporary files were created and it was them that aren't erased.
we've all seen this. you open a word document and it immediately creates a temporary file to store the auto-saves. you close your document and the temporary file disappears. at this point if you securely erase your word document the temporary file can still be recovered.
so that is the end of that. next.
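The failure mode described in the post above, as an added example that is not part of the original thread: a toy disk model in which wiping the document's own blocks leaves the application's deleted temporary copy intact in unallocated space. `ToyDisk`, the file names and the sample content are all constructed for illustration.

```python
BLOCK = 16                      # toy block size in bytes
SECRET = b"CONSTRUCTED-SECRET"  # constructed sample content

class ToyDisk:
    """Hypothetical model of a disk: raw bytes plus a file -> blocks table."""

    def __init__(self, nblocks=16):
        self.raw = bytearray(nblocks * BLOCK)
        self.free = list(range(nblocks))
        self.files = {}

    def write(self, name, data):
        blocks = []
        for i in range(0, len(data), BLOCK):
            b = self.free.pop(0)
            chunk = data[i:i + BLOCK]
            self.raw[b * BLOCK:b * BLOCK + len(chunk)] = chunk
            blocks.append(b)
        self.files[name] = blocks

    def delete(self, name):
        # Ordinary delete: forget the name, leave the bytes where they are.
        self.free.extend(self.files.pop(name))

    def secure_erase(self, name):
        # Single-pass overwrite of this file's own blocks, then delete.
        for b in self.files[name]:
            self.raw[b * BLOCK:(b + 1) * BLOCK] = bytes(BLOCK)
        self.delete(name)

def find_all(raw, needle):
    """Offsets of every occurrence of needle in the raw image."""
    hits, pos = [], raw.find(needle)
    while pos != -1:
        hits.append(pos)
        pos = raw.find(needle, pos + 1)
    return hits

def run_scenario():
    disk = ToyDisk()
    disk.write("report.doc", b"DOC:" + SECRET)     # user's document
    disk.write("~autosave.tmp", b"TMP:" + SECRET)  # application's temp copy
    disk.delete("~autosave.tmp")                   # app closes, temp file "disappears"
    disk.secure_erase("report.doc")                # user wipes only the document
    return sorted(disk.files), find_all(disk.raw, SECRET)

if __name__ == "__main__":
    listed, offsets = run_scenario()
    print("files still listed:", listed)
    print("content still present at raw offsets:", offsets)
```

No file is listed any more, yet the content is still found once in the raw image, inside the blocks the temporary file used to occupy.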
You are not going to get hard proof just more confusion.
The only candidate for legislation is the Data Protection Act (DPA) which puts a requirement on organisations to secure personal information they collect about individuals. Clearly this includes the responsibility to wipe disks etc of such information before disposing of them. There are vast numbers of programmes, many free, which do this to varying levels of security. Whatever "fingerprints" might be left, there would be no usable personal data for any "victim" to worry about and no justification for saying that the DPA had not been complied with.
Only the ultra paranoid need worry about some of the nonsense posted in this thread.
When someone wants to get directions to, say, Leeds they don't start by consulting star-maps or reading geology books to find out how the country was formed and then history books on Leeds to see how and when it first came into existence...
That's not exactly what we're talking about. Apparently there's a rumour (as it hasn't as yet been proven to exist) regarding a requirement for digital fingerprints to specifically be left behind by software that erases information.
'Moreover, some of the programs do not completely erase file metadata, which enables forensic investigators to extract the name, size, creation date and deletion date of the “deleted” files.'
this is not exactly the same as recovering data from a zero'd drive now is it? being as it doesn't apply to a zero'd drive at all. or recovering data.
Nor is it the same as a law that says that all computers must retain indefinitely whatever it is that you think they retain.
next.
Note: "As of November 2007, the United States Department of Defense considers overwriting acceptable for clearing magnetic media within the same security area/zone, but not as a sanitization method. Only degaussing or physical destruction is acceptable for the latter"
As I said, the only legislation that could possibly have any connection with the title of this thread is the DPA. Most of the posts so far are nonsense just like the rumour.
http://en.wikipedia.org/wiki/Computer_forensics
Yes, yes, and anyone who's worked on projects handling data subject to formal risk assessments will know about this. Indeed, when I was custodian of an ISO27001 certification I think I included destruction of failed drives just because it was easier to audit than the alternatives. But your claim is that there is legislation mandating that data erasure software (including, presumably, "dd if=/dev/urandom of=/dev/sda bs=1M") has to leave a "fingerprint", and all we're asking for is either (a) the legislation or (b) some evidence that well-known software implements it.
It would also be interesting to know how we distinguish between on the one hand data erasure, and on the other hand simply filling a 128GB drive with 128GB of pictures of fluffy kittens --- the effect on the original data is the same, after all.
All you're now producing is various papers which indicate that some erasure software is a bit rubbish, and leaves evidence that it's been run. Shock: security software can be as rubbish as other software. And also that there are recovery techniques that might be able to get a toehold on poorly implemented erasure. Again, what a surprise. We know about this stuff, and therefore we know why physical destruction is in most cases easier to audit. If you've got data with high confidentiality requirements, the cost of scrapping disk drives rather than scrubbing them for reuse is negligible compared with cost of non-compliance. We know.
What we're asking you is to produce this claimed law that says that data deletion processes must leave a fingerprint. You're not the only person working professionally or academically in the field, and that no-one here has ever seen or heard of such a thing, and that a fairly extensive literature search I've done shows no country has ever proposed or implemented such a thing, places the onus on you to cite it. Primary legislation (Act and Section) or secondary legislation (SI and section), please.