8437
Tel Worldwide: +1 801 736 0806
E-mail: [EMAIL PROTECTED]
Internet: http://support.cp.net
-Original Message-
From: Nikola Janceski [mailto:[EMAIL PROTECTED]]
Sent: 29 May 2002 16:54
To: 'zentara'; [EMAIL PROTECTED]
Subject: RE: Shredding a file
Brain Bugs are
Brain Bugs are next. Then the NSA will be selling off the porn movies that I
dream up.
> -Original Message-
> From: zentara [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, May 29, 2002 12:36 PM
> To: [EMAIL PROTECTED]
> Subject: Re: Shredding a file
>
>
> On T
On Tue, 28 May 2002 20:15:58 +0100 (BST), [EMAIL PROTECTED] (Jonathan e.
paton) wrote:
>For those that feel comfortable, it is worth pointing out
>"CRT Eavesdropping: Optical Tempest" on slashdot.
>
>http://slashdot.org/article.pl?sid=02/03/09/199242
>
>Can a knowledgable person design a optical
Thanks John,
Very informative.
-Original Message-
From: Jonathan E. Paton [mailto:[EMAIL PROTECTED]]
Sent: 28 May 2002 05:48 PM
To: [EMAIL PROTECTED]
Subject: RE: Shredding a file
--- Langa Kentane <[EMAIL PROTECTED]> wrote:
> Well, reasonable security is fine, but th
Jonathan, et al --
...and then Jonathan E. Paton said...
%
% > So user Joe goess to https://myserver/script and fills in some values,
...
%
% HTTP connection better be HTTPS, this can be a VERY weak link. If, for
Well, yeah. I figured we could simplify things by establishing the
precondition
Shawn, et al --
...and then Shawn said...
%
% On 05/28, Shawn said something like:
% > On 05/28, David T-G said something like:
% > > % sort of secure form in memory (encrypted or something).
% > >
% > > Now that's an interesting one... Suppose someone feeds this script a
...
% >
% > This pro
Shawn, et al --
...and then Shawn said...
%
% On 05/28, David T-G said something like:
% > So that takes care of that example, and maybe it was a bad one. I can't
% > come up with one that's better, either, but I have in mind something to
% > which I must refer more than once (hmmm... perhaps a
> % Well, if the merchant has his own cipher key, it can all be encrypted
> % with the owner's cipher key. That make sense?
>
> OK, I think so. I like examples, though.
>
> So user Joe goess to https://myserver/script and fills in some values,
> including his ccard no, and they get handed back
On 05/28, Shawn said something like:
> On 05/28, David T-G said something like:
> > % sort of secure form in memory (encrypted or something).
> >
> > Now that's an interesting one... Suppose someone feeds this script a
> > password or a credit card number or such (that is, something manageable,
Shawn --
...and then Shawn said...
%
% On 05/28, David T-G said something like:
% > % sort of secure form in memory (encrypted or something).
% >
% > Now that's an interesting one... Suppose someone feeds this script a
% > password or a credit card number or such (that is, something manageable
On 05/28, David T-G said something like:
> % sort of secure form in memory (encrypted or something).
>
> Now that's an interesting one... Suppose someone feeds this script a
> password or a credit card number or such (that is, something manageable,
> even if only for me since perl could suck the
Nikola, et al --
...and then Nikola Janceski said...
%
% Not to fuel the fire. (well I am).
*grin*
%
% Don't hard drives read data by reading the changes of polarity on the disk
% over a distance?
Basically.
% If so wouldn't replacing the "data" with some other "junk data" of equal
% size
On Tuesday, May 28, 2002, at 12:15 , Jonathan E. Paton wrote:
[..]
> Can a knowledgable person design a optical tempest system
> as a web-project please? I'd love to be able to build
> one myself, or buy one from thinkgeek.com or where-ever.
> I'm sure they'd sell well, not sure whether you Amer
--- drieux <[EMAIL PROTECTED]> wrote: >
> On Tuesday, May 28, 2002, at 05:27 , Jonathan E. Paton wrote:
> [..]
> > Never rely totally on software based security. There is no point
> > installing/writing lots of security software if your system admin is
> > a KGB agent, or your cleaner can
n. Or am I wrong?
But if you're really a freak, join drieux in making "HD chips" in his FM-10.
> -Original Message-
> From: drieux [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, May 28, 2002 2:40 PM
> To: Langa Kentane
> Cc: [EMAIL PROTECTED]
> Subject: Re:
On Tue, May 28, 2002 at 07:33:46AM -, Langa F. Kentane wrote:
> How would I go about shredding a file with perl
You should probably take a look at http://rr.sans.org/unix/sec_files.php
which sums up the need for shredding files securely. Notice the article
talks about scanning the hard drive
On Tuesday, May 28, 2002, at 05:27 , Jonathan E. Paton wrote:
[..]
> Never rely totally on software based security. There is no point
> installing/writing lots of security software if your system admin is
> a KGB agent, or your cleaner can access your computer system.
>
> EVERY computer
Shawn, et al --
...and then Shawn said...
%
% Don't use %ENV to store anything, and try to keep you're data in some
Right!
% sort of secure form in memory (encrypted or something).
Now that's an interesting one... Suppose someone feeds this script a
password or a credit card number or such
Don't use %ENV to store anything, and try to keep you're data in some
sort of secure form in memory (encrypted or something).
There are system level things to keep your data safe, and application
level methods. I prefer to use both methods if I can.
No amount of wiping and encrypting is going to
Langa --
...and then Langa Kentane said...
%
% Well, reasonable security is fine, but the idea of writing zeroes to the
% file does not appeal to me, If I can't get any other way I guess I will have
% to use that.
I still say that you shouldn't use a temp file at all; then you only have
to worr
You should use encrypted swap if you're having to shred files.
If someone is industrious enough to snorgle through device bits to snag
the info they want, sure enough they're not going to stop at the FS...
On 05/28, Jonathan E. Paton said something like:
> --- Langa Kentane <[EMAIL PROTECTED]>
--- Langa Kentane <[EMAIL PROTECTED]> wrote:
> Well, reasonable security is fine, but the idea of writing
> zeroes to the file does not appeal to me, If I can't get
> any other way I guess I will have to use that.
Allow me to assume you are using Unix... you have a hopeless
cause if you are usin
ECTED]
Subject: RE: Shredding a file
--- Nikola Janceski <[EMAIL PROTECTED]> wrote:
> I think if you want the file contents to be completely UNRECOVERABLE
> you must.. MUST change the contents of the file to some value other
> that it is... I just usually fill the file up with ZEROs
: Tuesday, May 28, 2002 11:24 AM
> To: [EMAIL PROTECTED]
> Subject: RE: Shredding a file
>
>
> --- Nikola Janceski <[EMAIL PROTECTED]> wrote:
> > I think if you want the file contents to be completely
> > UNRECOVERABLE you must.. MUST change the contents of the
&g
--- Nikola Janceski <[EMAIL PROTECTED]> wrote:
> I think if you want the file contents to be completely
> UNRECOVERABLE you must.. MUST change the contents of the
> file to some value other that it is... I just usually fill
> the file up with ZEROs until the size is the same as it
> orginally was
; From: Sudarsan Raghavan [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, May 28, 2002 8:51 AM
> To: Jonathan E. Paton
> Cc: [EMAIL PROTECTED]
> Subject: Re: Shredding a file
>
>
> "Jonathan E. Paton" wrote:
>
> > > > Greetings,
> > > > How woul
"Jonathan E. Paton" wrote:
> > > Greetings,
> > > How would I go about shredding a file with perl, for instance, I have a
> > > script opening a time file, writing something in there and then deleting
> > > the temp file when execution is done. How would I go about securely
> > > deleting the tem
Sudarsan Raghavan wrote:
> Anders Holm wrote:
>
> > Hi folks!
> >
> > Of relevance her would be what OS you are on as well.
> >
> > Windows
> > Solaris
> > Linux
> > Mac
> > Other?
> >
> > Why? Because different OS's treat this differently. Anyone here ever tried
> > to get back a deleted file on
> > Greetings,
> > How would I go about shredding a file with perl, for instance, I have a
> > script opening a time file, writing something in there and then deleting
> > the temp file when execution is done. How would I go about securely
> > deleting the temp file afterwards so that prying eyes
Langa --
...and then Langa F. Kentane said...
%
% Greetings,
% How would I go about shredding a file with perl, for instance, I have a
...
% temp file afterwards so that prying eyes can't read it afterwards?
You've seen some suggestions on how to overwrite the file. The truth is
that, if you'r
Anders Holm wrote:
> Hi folks!
>
> Of relevance her would be what OS you are on as well.
>
> Windows
> Solaris
> Linux
> Mac
> Other?
>
> Why? Because different OS's treat this differently. Anyone here ever tried
> to get back a deleted file on a Unix box? Not a very fun prospect.
I am not sure
ternet: http://support.cp.net
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Sudarsan Raghavan
Sent: 28 May 2002 12:45
To: Langa F. Kentane
Cc: [EMAIL PROTECTED]
Subject: Re: Shredding a file
"Langa F. Kentane" wrote:
> Greetings,
> H
"Langa F. Kentane" wrote:
> Greetings,
> How would I go about shredding a file with perl, for instance, I have a
> script opening a time file, writing something in there and then deleting
> the
> temp file when execution is done. How would I go about securely deleting
> the
> temp file afterwards
> -Original Message-
> From: Langa F. Kentane [mailto:[EMAIL PROTECTED]]
>
>
> Greetings,
> How would I go about shredding a file with perl, for
> instance, I have a
> script opening a time file, writing something in there and
> then deleting
> the
> temp file when execution is done
34 matches
Mail list logo
