Quantcast
Channel: Forensic Focus Forums - Recent Topics
Viewing all articles
Browse latest Browse all 20112

General Discussion: What´s the best way for cleaning flash drives?

$
0
0
electronic_x wrote: However, I would like to know, just like of curiosity: I know that, destroying is the best way, but...is more difficult to recover meaningful data from a flash drive if you wipe it with zeroes? Are any possible track of information more damaged if overwriten?Oh noes, again? <img src="images/smiles/icon_eek.gif" alt="Shocked" title="Shocked" /> Let's see (provided that you will accept a set of Q/A by a perfect stranger on the internet) if this will do <img src="images/smiles/icon_confused.gif" alt="Confused" title="Confused" /> . Q1. How can I make sure that noone will recover data from my flash USB? A1. A single 00 wipe is more than enough for all practical expectations of non recoverability of the contents. Q2. But is it not better to make more passes, random passes, use any form of voodoo? A2. Anything more that that will wear down the device a little bit more and is - again to all practical effects - unneeded. Q3. But how to do the single 00 pass? A3. The more suitable way is to use the USB stick controller manufacturer's "mass production tool" which normally allows to test (by writing all 00's) the WHOLE flash chips. This has the advantage that you can - as a side note - change the USB stick serial, so that traces of it's use on a PC cannot be anymore "coupled" with the actual item. You have to imagine this procedure as a "factory reset". But, to all practical effects, a simple 00 wipe of the accessible areas will do. Q4. Where do I find these Mass Production Tools? A4. Every manufacturer has a specific tool for a specific controller (and in some cases specific firmware for specific flash chips), such tools tend to get "leaked" often, and with some google searching you will be able to find places where they are available for download. Q5. How are they operated? A5. It depends, each tool may have specific requisites (as an example a number of them will ONLY work on XP), some will need to install a specific USB driver, since these tools are made by the (usually Chinese) manufacturers of the controller the English (where available) of their interface may be not exactly "Oxford English" and counterintuitive, the procedures to use them may vary greatly, the documentation is scarce, and most "talks" about them will be in Chinese or in Russian. Q6. Is the procedure doable by an "end user"? A6. Sure it is doable, the point would be if it is doable without messing the OS (with the "queer" drivers, if involved), or without "locking" the USB stick for good. Q7. Is the procedure with a single 00 wipe pass through "normal" software "secure"? A7. No. In the sense that it is not completely secure, as areas not reachable by the "normal" software may still contain some info. Q8. Is the procedure through the controller Manufacturer's tools "secure"? A8. No. In the sense that IF the flash chips are still fully operational it is "as secure as possible", but if some of the "spare sectors" have been in use, some areas may still hold some data. In any case the procedure may not be the same for *all* USB sticks/Manufacturer's tools/controllers and there are NO independent studies that certify it as being "secure" (and in any case that would be applicable only to the specific controller chip and flash chips models. Q9. Will areas of the USB stick that can actually be recovered after a single 00 pass through "normal" software contain meaningful data, like my credit card number, SSN number, name, address, the p0rn movie I shot with my wife/lover, etc.? A9. No. In the sense that we are talking of fragments of data, that even if they can be read not necessarily can be decoded/converted into "human readable" format. The probability that any of these data can actually contain anything meaningful is so low that the Heart of Gold Infinite Improbability Drive: http://en.wikipedia.org/wiki/Technology_in_The_Hitchhiker's_Guide_to_the_Galaxy#Infinite_Improbability_Drive could be used for 3 (three) consecutive trips around the Universe without need to refuel. Q10. Then what can be called "secure"? A10. Physical destruction of the thingy. Q11. But I don't want to destroy the USB stick, what can I do? A11. Loop to Q1. Q12. While we are at it, any advice about tin foil hats best design? A12. Sure <img src="images/smiles/icon_wink.gif" alt="Wink" title="Wink" /> , tin foil is so nineties, we have a much better material nowadays, 3M Velostat: http://reboot.pro/topic/13177-an-improved-electromagnetical-shielding-device/ Remember, ifthey are after you they will get you alright, resistance is futile! jaclaz

Viewing all articles
Browse latest Browse all 20112

Trending Articles