no problem, I accept yours and others assertions that a home made magnetic device won't work. It occurs to me that in any case where even one operator knows or has possession/knowledge of the keys or backups, that that information could still be gained through torture/coercion in rare cases where the information effects "national security" or the guys wanting it are mean SOBs.
On Wed, 5 Dec 2007 16:28:18 -0800, "coderman" <[EMAIL PROTECTED]> said: > On Dec 5, 2007 4:05 PM, <[EMAIL PROTECTED]> wrote: > > ... Have you actually tested using a magnetic field for this ... > > despite the rudeness of some of this thread, it really is difficult to > properly clear / purge data from a modern hard disk using a magnetic > field. we do this at work, and the device is a large box with loud > fans. you must wear heat resistant glove(s) to hold the hard drive > over the unit for 60+ seconds. it gets quite hot (see inductive > smelting, etc). > > arranging such a unit inside a case would be difficult, dangerous, and > probably not as effective as you think. > > see http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html > > this is why full disk encryption is preferable. it is much quicker > and safer to securely purge or destroy the disk keys (small) than the > whole disk itself (large, time consuming). > > there are many ways to configure authentication/authorization for > encrypted disk access, including multi-factor passphrase, token, even > biometric. maybe you leave the keys on disk for headless boot and > only want the ability to securely wipe them if needed. > > last note, the loop-aes module support key scrubbing in memory, so > that even ram cannot be inspected for usable disk encryption keys that > could remain after power down. (some other volume encryption methods > may also support this, however, loop-aes is the only one i've used > that does so.) > > best regards, -- [EMAIL PROTECTED] -- http://www.fastmail.fm - mmm... Fastmail...