How To "Erase" Your Digital Footprint..!

[ThePythonicCow]

Posted by 1159 (here)
Every single bit of data your computer has read is permanantly recorded on your hard drive It make no difference if you erase it, scamble it or shred it digitally, it will never be erased. It becomes permanatly etched into the electromagnetic record of the hard drive.

No.

Just formatting the drive won't usually overwrite all the data on it.

But using any of a variety of disk scrubbing tools that overwrite all data bytes on a disk several times, with various patterns, will, for almost all practical purposes, make that data entirely unrecoverable.

Only very high levels of security recommend using a combination of (1) data scrubbing, (2) chemical etching, then (3) physical destruction.

A Google search for "disk scrubbing secure delete" will find a variety of scrubbing programs and related information. Such programs do work.

Data is not "etched" into an electromagnetic disk, but recorded by flipping the polarity of (very small) magnetized regions.

[wolf_rt]

Posted by Paul (here)
So ... which is it:

• using strong encryption they can't automatically decrypt will surely bring down the Men in Black to personally spy on us, or
• there is no sense trying to use strong encryption because their acres of computers can automatically decrypt anything?

Sorry for the long post ... but a good understanding of this can actually be useful, in my view, to keeping your data out of the wrong hands.

Not at all, thanks for the insight.

I understand what you're saying, but not being bothered to look is different to secure.

Do you believe any encryption available to the average person today would really tie up a meaningful amount of resources? Serous question... i'm thinking of fuzzy logic, AI, 10 generation ahead supercomputers when i think of this stuff....

and surely any encryption relies on a key which must be shared among the parties securely?

And encryption isn't really the problem...


Do you believe that, for instance, this post on the forum, is in anyway secure or anonymous? I realise that that is mostly due to my sloppiness, but i do not believe any amount of money or effort could successfully restore my online anonymity?

Thanks for your time with this, its an interesting subject.

As i said i'm no IT expert, so i have always run under the assumption that whatever i do on the net is public, including credit card no's ect.... I think of it as a trust based system.

[ThePythonicCow]

Posted by wolf_rt (here)
Do you believe any encryption available to the average person today would really tie up a meaningful amount of resources? Serous question... i'm thinking of fuzzy logic, AI, 10 generation ahead supercomputers when i think of this stuff....

Yes.

The best widely available encryption at present would be 256-bit AES using a full 14 rounds (AES-256).

A brute force attack on AES-256 would take 2 ** 256 operations (I am using ** for the exponent operator.) The best known attack is slightly better than brute force, taking 2 ** 254.4 operations (http://en.wikipedia.org/wiki/Advance...ption_Standard).

With that, a one million (10**6) CPU system, able to perform 1 such operation (trying one key, which is really thousands of CPU cycles on a conventional CPU) every femtosecond (10**-12 seconds, nearly a million times faster than typical computers) would take approximately 2**254.4 / ( 10**6 * 10**12 * 60 * 60 * 24 * 365.24) == 1.2 * 10 ** 51 == 1210427606910615141811960946240356055958668548505600 years to break one cipher text.

Posted by wolf_rt (here)
and surely any encryption relies on a key which must be shared among the parties securely?

Public key encryption such as RSA does not use shared private keys. Typically a one-time use RSA public key is generated, and then used to exchange the AES (or other) private key. So far as we know, breaking RSA is about as hard as factoring large primes. The current best known example of breaking RSA took 100's of computers a couple years to break RSA-768, between 2007 and 2009. It is thus recommended to use RSA-1024 for short term needs, and RSA-2048 for strong public key encryption. The RSA implementation used by ssh on my present system (part of the standard Ubuntu distribution) can use up to RSA-16384. Breaking that with all the compute power on this planet at the moment would I'm confident take longer than the known (by conventional cosmology) life of the universe, however off hand I don't see how to calculate precisely how long it would take.

However ... my favorite use of encryption (outside of the usual such as https, ssh, ...) is to email an encrypted file to myself, containing some important account passwords. For this use, I do not need to share a private key with anyone . So the above ginormous number of years applies directly, if I use AES-256.

Posted by wolf_rt (here)
As i said i'm no IT expert, so i have always run under the assumption that whatever i do on the net is public, including credit card no's ect.... I think of it as a trust based system.

Indeed. You are trusting that any bank or store that has your credit card number will not misuse it. That is not an encryption problem.

I am even trusting some crypto software writers when I use strong encryption to email my passwords to myself.

[Jay]

Creepy - but your data is most likely handed over long before you can erase it anyway

[whenyournex2me]

wow, I gotta get my stuff together....

[araucaria]

take it easy guys, doesn't all this stuff go into the Akashic records anyway?