On Wed, Jun 10, 2020 at 1:14 PM Nicolas George <geo...@nsup.org> wrote: > > Anders Andersson (12020-06-10): > > Too bad if you end up in a routine police investigation and they find > > child pornography when scanning the disks for deleted files. > > > > "Must have been the previous owner" is a valid defense, but I'd rather > > not end up having to use it. > > Ah, but maybe the previous owner had discovered a cheap cure for > covid-19 and big pharma had them silenced. You would be wiping the last > traces of their research! > > Seriously, first we were talking about hard drives straight from the > factory in China, making the thread… industrial espionage, I suppose? > And now we are talking about child pornography found in an unrelated > seizure. > > So, for that to be relevant, you would need that all the following > conditions to be met: > > - the previous owner had child pornography on this disk; > > - unencrypted; > > - they gave it away their disk in a way that makes it reusable; > > - without wiping it themselves; > > - cops show up at your door and take the drive to examine it; > > - they do it before regular use has wiped it. > > That is a fine Drake equation you got here, but maybe not a rational > justification for spending days wiping a drive. > > For any security measure, it is easy to find afterwards a far-fetched > scenario where it makes a difference. But that is how TV writers work, > not security. For security, we must first define the attack model, and > then search for defense. Otherwise we end up barricading the back door > while the key to the front door is still under the mat.
Except wiping a disk is trivial. Just start the job and come back later to a clean disk. It's not like you have to wipe it by hand. I do it routinely before I put a disk to use that's going to be used for a couple of years.
