
The Buzzword Everyone Forgot
(Soon They'll Remember Again)


The future is at the data layer.
 - Dan Geer

The Final Countdown



In the months leading up to Y2K a number of computer gurus - including people contributing to this site - decided the New Millennium would have two buzzwords above all others.

Security. And privacy.

No one really thought Microsoft software was all that good but few realised at the time it was all that bad either. Yet it wouldn't take long to find out.

I Love You

The Love Bug hit inside five months of the New Millennium and changed the topology of computing forever. Unleashed by accident as part of a love triangle, the worm is today considered responsible for more than $10 billion in damages worldwide.

The floodgates were opened; a succession of worms and other forms of malware rushed through; and by the following summer a new breed was upon the connected world.

Red Mountain Dew



Code Red was unleashed on 13 July 2001, attacking unwitting users of Microsoft's IIS web server. Most installations of Windows NT and Windows 2K had the IIS server running without the users being aware of it. By 19 July an estimated 360000 systems were infected worldwide. But the big damage wasn't there - it was in the incessant traffic the worm's probes caused. Code Red was programmed to bring down the website of the US White House.

Code Red was followed by Nimda in September 2001, SQL Slammer in January 2003, Blaster in August 2003, and Zotob in August 2005. And these are but the tip of an iceberg: the total number of Windows attack vectors is today estimated at over 100,000.

The Summer of Code Red (2001) also marked the end of any effort by serious engineers to hold onto their hopes Microsoft would survive. Mass migrations from Windows began. Some people went to Linux; others went to Apple's OS X; and basking in the sudden freedom from malware attacks they relaxed - and forgot the other buzzword.

Some Didn't



Some people didn't forget: institutions, intelligence organisations, and those outside the law were continually aware of the risks with lax privacy routines. But the great majority of computer users did forget; the public had no time to consider privacy with all the attacks on their security.

Privacy has always been a major concern for those that didn't forget. And whether recognised or not it remains a major concern for all computer users even today. And it's therefore curious why and how Microsoft acquire a major privacy and security software company, re-brand the security parts, and then throw away what's there to protect people's privacy. But that's exactly what they did.

Computers are continually dropping sensitive data everywhere with little or no recourse for the casual user not equipped with special tools to do a proper 'clean up'. And the complexity of such routines multiplies on Windows where although all data is bound to files not all can be treated as such.

Windows has a total of seven types of data storage and merely deleting files won't get at them without destroying what's supposed to remain. There are directories and their contents that must be destroyed; directory contents but not the directories themselves; INI file sections; INI file values; Registry keys; Registry data; and of course ordinary files. It's nigh on impossible to attack all seven types of data with something as simple as a script; most people don't know how to edit INI files, much less the Registry; in a word it becomes too complex for people to worry about.

Unless of course they have the proper tools.

Here There & Everywhere



Data accumulates everywhere and not just in files. An undo/redo buffer may reside in a temporary physical file only to be deleted at program exit. The link to this file is gone but the contents remain accessible on the system disk given the right tools to go searching for it.

Web browser caches can be deleted and yet the data itself remains.

High security installations like to practice proactive data protection, wrapping their most sensitive programs with automatic cleanup operations. The wrapper starts the application and waits for it to exit and then performs its tasks.

Computers have to be regularly scrubbed of all remnants of temporary data, often once per day or more. Automating these routines as much as possible increases the protection level, because when people are involved someone is always going to forget or decide it's not really all that important - and then catastrophe can strike.
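The wrapper described above, applied to the five file-based storage types listed earlier (files, directories with their contents, directory contents only, INI sections, INI values), as an added example that is not Radsoft's code and does not show how E3 works. The function names and the recipe tuple format are assumptions, the single random overwrite pass stands in for whatever shredding grade is chosen, and Registry keys and data are left out because they need the Windows-only `winreg` module.

```python
import configparser, os, subprocess

def shred_file(path):
    """Overwrite a file in place, force it to disk, then unlink it."""
    if os.path.islink(path):              # never write through a symlink
        return os.remove(path)
    size = os.path.getsize(path)
    with open(path, "r+b") as f:
        f.write(os.urandom(size))         # one pass; assumed stand-in for the shredder
        f.flush()
        os.fsync(f.fileno())
    os.remove(path)

def shred_dir(path, keep_dir=False):
    """Shred everything under path; optionally keep the empty directory."""
    for root, dirs, files in os.walk(path, topdown=False):
        for name in files:
            shred_file(os.path.join(root, name))
        for name in dirs:
            sub = os.path.join(root, name)
            (os.remove if os.path.islink(sub) else os.rmdir)(sub)
    if not keep_dir:
        os.rmdir(path)

def ini_remove(path, section, key=None):
    """Remove one INI value, or the whole section when key is None."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.optionxform = str                  # keep key case as written in the file
    cp.read(path)
    if key is None:
        cp.remove_section(section)
    elif cp.has_section(section):
        cp.remove_option(section, key)
    with open(path, "w") as f:            # rewrite drops comments; old bytes may stay on disk
        cp.write(f, space_around_delimiters=False)

ACTIONS = {"file": shred_file, "dir": shred_dir, "ini_section": ini_remove,
           "ini_value": ini_remove, "dir_contents": lambda p: shred_dir(p, True)}

def run_wrapped(cmd, recipe):
    """Start cmd, wait for it to exit, then run every cleanup step."""
    rc = subprocess.call(cmd)             # blocks until the application exits
    failed = []
    for kind, *args in recipe:
        try:
            ACTIONS[kind](*args)
        except OSError as exc:            # missing or locked target: record it, keep going
            failed.append((kind, args[0], str(exc)))
    return rc, failed
```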

Computers are getting stolen all the time. People lose them in hotel lobbies, on trains, in airports; was their data secured? It matters little that they have some type of password protection: the thieves need only extract the hard drive and work on it separately. What is left on these computers that the 'wrong hands' can take advantage of? These are the concerns of information security advisers; they must be your concerns as well. For at any time someone may attain access to your computer. You need to know your private data remains private and no trails remain anywhere.

Even malware can in the not too distant future evolve into data mining microbes intent on scouring disk free space for signs of compromising data. Threats can be issued; numbered bank accounts provided to postpone the inevitable; it's around the corner - and it can start happening any day.

Continual



Data protection - privacy - is a continual process. You don't 'secure' your computer one day and then feel entitled to forget about the issues from that point on: you have to practice the same routines all the time.

At any one given moment your data may be exposed - and stolen. Your objective has to be to continually minimise the risks.

There's no way you can completely eliminate the risks short of literally melting your hard drive and purchasing a new one, but given that you intend to continue to use your computer, there are any number of steps that can be taken.

  1. Wrap as many sensitive applications as you can so their mere exit results in data trails being eliminated (shredded).
  2. Regularly shred all disk free space. This is where intruders will otherwise be searching for your data - in areas you yourself have little ability to go.
  3. Use the highest grade shredding you have time for.

Analog



Computer hard drives aren't digital - they're analog. This means that the idea of overwriting exposed data with random values - random zeroes and ones - means less than nothing. The US DOD Orange Book security norms involving such processes aren't meant for shredding magnetic disks - they're meant for computer memory chips. [For computer hard drives in high security scenarios the US DOD recommend incineration.]

Strangely enough there is only one thorough study of the characteristics of hard drives - and it's by the renowned security expert Dr Peter Gutmann from Auckland, New Zealand. Peter's famous USENIX paper remains a standard today in the field of privacy. Peter argues convincingly against use of digital techniques to attack the analog characteristics of computer hard drives and he also devised a 35-step attack on said hard drives. And although Peter cautions against regarding this attack as a general panacea, using all 35 steps of his procedure is advised, as most people will not know exactly what analog technology is present in their computers: the 35 steps cover all three prevalent analog technologies at once.

As long as application wrapping does not slow you down you should use it; but you should also shred your disk free space whenever you have the opportunity - at least once per day.

Before you begin a disk free space shred you should delete - not shred - any files you want gone; once the disk space previously used by these files is freed it will be part of your disk free space and therefore shredded. You should always end your shredding session by defragmenting your hard drive: this has the added advantage of 'optimising' your directories so absolutely no remnants of former data remain. Even performing an additional disk free space shred after defragmentation can be to your benefit.

Tools



Adequately securing a Windows machine is far more complex than the comparable task on Unix where everything truly is a file. It's primarily the 'binary' character of the Registry which haunts here. [If you have a Registry optimiser you should use this too - immediately prior to shredding your disk free space.]

About the only toolset available for Windows that 'does it all' is the E3 Security Kit available at this site. The word 'security' in the title is a bit of a misnomer as E3 is actually all about privacy instead. E3 can be configured to run silently - never appearing on screen - at the point of any system activity you choose: at the time you start your computer or at the time you shut it down.

The E3 Nighttime and E3 Weekend tools are especially valuable as they automatically search out all connected writable drives and shred both the file slack and the disk slack found there. They leave no traces, only logging results when their operations are completed. They work silently and require no interaction on your part - all you do is click once with your mouse and then walk away from your computer.

E3 is also the only privacy kit that addresses issues of where sensitive data is found - as it's not only found in 'files' per se. E3 strictly defines and works on the seven types of data storage on Windows and gives you the ability to easily make your own scripts ('recipes' in E3 parlance) to delete (and shred) exactly what you desire.

Corporate Concerns



The biggest hurdle for corporations is finding a way for man and machine to work amiably together. Most computer users don't want to worry about data protection - they want to leave that to their security team (and blame them when things finally go wrong). The objective of the corporate security team must therefore be to find privacy routines that work despite the lack of cooperation on the part of staff.

And if certain coworkers seem eager to help them along, all the better.

  • Data shredding must be automated as much as possible. This means wrapping sensitive applications whenever appropriate.
  • File slack and disk slack operations may have to be carried out voluntarily but they must be pleasant enough so staff do not avoid them.
  • General scouring operations - if brief enough - can be conducted automatically on system start. [E3 can do this silently as a background asynchronous process.]

Just because you've been overwhelmed by all the attacks on your computer - all the trojans and worms and viruses and botnet probes - doesn't mean your privacy issues are gone. They're still there. And for a small portion of your workday you can feel secure in the knowledge that your data is secure as well.

Copyright © Radsoft. All rights reserved.