Ken Dykes <kgdykes@watmath.waterloo.edu> (05/01/91)
> From: hayes!tnixon@uunet.uu.net (Toby Nixon) > Subject: Re: Prodigy or Fraudigy ??? > X-Telecom-Digest: Volume 11, Issue 319, Message 3 of 12 > In article <telecom11.316.2@eecs.nwu.edu>, leryo@gnu.ai.mit.edu > (Leryo Malbito) writes: > I think that if ANY of us searched through the "free space" (not > currently allocated to a file) on our disks, we'd ALL be surprised. No, dont say *ANY* of us ... some of us have more than the "basic user's" knowlege of things computer-like. I routinely use a "wipedisk" program which cleans unallocated sectors. (Optional choice of zeros, ones, three wipes with 0/1/alternate-bit- pattern.) It should be noted that an "explicit delete file" is not required on the part of a user. Most text-editors use temporary "work files", every time you do an editing/word-processing session, COPIES of your data are splashed into workfiles and then released to the world when you quit the edit/word-process session. A lot of other software also uses temporary work files. (This may also be a way a "drive d: got drive c: data", if you allocated your temporary/work directory on that drive.) There is also another place in the DOS filesystem (filesystem? ha!) that can bite you. Files are allocated/grown a SECTOR at a time (say 512 bytes). So if you write 100 bytes to a file plus the EOF-mark, chances are good there will be 411 old-data bytes at the end of the file. Since this sector is "allocated" the wipedisk concepts don't reach them. These are a little tricker to take care of :-) I mention this sector aspect to avoid claims of: "I wiped my disk, then some *old old old data* RE-APPEARED!" Chances are it was "stuck" to some newer file, and the new file was later released which also freed up that not-quite-a-sector of antique data. > ...on a multiuser system, always use an > "erase" program that actually overwrites your files rather than just > deleting them, or everything you delete will be available to other Religous claim: a DECENT system would do this either at release-time or (less ideally) before re-allocating to another file. but alas, very few decent systems... For your own machine, you could write any program in just about any language (heck even a slow .bat exec file) to grow one huge file, writing it full of null or random byte-values until you get a file-growth denial (no more room left on disk) then release that huge file. voila! unallocated space no longer contains private information) If you wish to write your own erase-a-single-file program, remember to overwrite/erase the entire PHYSICAL file size, not just the logical data filesize. Rules to live by: - Secure/sensitive data should never be stored in computer media. - Since you *will* store this sort of data anyway, use encryption wherever possible. - ERASE rather than simply delete files. - catalog/directory structure information/sectors should be considered sensitive data too. - dont use a production/sesitive-data machine for routine BBS-ing and networking. - be *aware* of what the software you use is actually doing -- it may not have fraudulent *intent* but may be the tool of an "accident" in data exposure. - do not assume this is a complete set of things/rules to watch for. Ken Dykes, Thinkage Ltd., Kitchener, Ontario, Canada [43.47N 80.52W] kgdykes@watmath.waterloo.edu [129.97.128.1] watmath!kgdykes