|
part of metadata: in example, you won’t be able to change the values of an image
within a PDF. You can also prevent most of the metadata contained in text
documents using simple text formats (the so-called plain-text, most commonly
known as .txt). Use them if you need to!
7.8 Camera sensors
This short chapter is intended to warn you to a new practice, which is
globally applied by big data mining companies over the net. As you should
know, each camera sensor release a unique signature, which is almost
undetectable due to the minimal hardware differences characterizing it. As for a
bullet that can be used to identify a weapon, a picture may allow to pinpoint the
camera it was took with. It’s worth mentioning that this has nothing to do with
the EXIF Data, which work in a totally different manner. If you want to explore
this topic, you can find online a document written by three researches of the
New York Computer Science and Engineering Department
[117]
. Unfortunately,
no fast and proved methods to obfuscate such data are available today: if
performed with the right tools, however, digital manipulation should ensure a
good trace removal, i.e. changing color levels, saturation, contrast, sharpness,
structure and so on. The study still highlighted the decreasing possibilities of
searching into over exposed photos (page 7 of the “Sensor Noise Camera
Identification: Countering Counter-Forensics” research).
7.9 Data Shredding
One day, you may need a given file no more – whether it’s encrypted or not.
That day, don’t just throw it in the bin: the file will stay there or, at least, leave
some traces of its presence, possibly making it recoverable. In this chapter, we
will cover all the known methods to completely destroy every evidence within
your computer, especially the ROM memories storing your data.
7.9.1 How to perform Data Shredding
When the possibility to recover deleted files from a PC was discovered,
dozens of free and commercial software sprang out, allowing to solve this
problem. At the moment, we can break down the tools into three broad
categories:
-
Disk Cleaners
-
File Wipers
-
Physical drive destruction
7.9.1.1 Disk Cleaners
Such category includes software using different methods to sanitize a given
Hard Disk. Essentially, they clear the drive sectors still containing phantom data
information (a sort of in-memory reminiscence), which will be used by the
operating system only when no free space is left on the Hard Disk.
However, the reliability of Disk Cleaners has been placed under discussion
by many industry experts, since the techniques used are too weak and only
focused on winning the “speed benchmark competitions”; furthermore, many of
the software performing this task use to leave traces within the operating system
proprietary logs.
BleachBit
BleachBit is an opensource program that cleans the disk space, optimizes the
computer performance and ensures a better privacy for the user. Available for
Windows, macOS and GNU/Linux, Bleachbit maintains the promise providing
tools designed to remove cache, cookies, history and logs from the main
browser, also integrating a convenient feature to verify and rewrite the
unallocated disk space (we are going to cover this topic in the “File Shredding”
chapter).
Naturally, installing the program on Debian is a no-brainer:
$ su
$ apt-get install bleachbit
However, if for any reason it’s not available among the Operating System
repositories, you can download
[118]
and install the package directly from the
official site. Since the program is extremely easy to use (it actually requires just
two clicks) we won’t explore it further.
Other Disk Cleaning software
We can find many other tools designed for Disk Cleaning online. The
following list includes those I feel to recommend:
-
CCleaner
[119]
for Windows, macOS and Android
-
Glary Utilities
[120]
for Windows and Android
-
Clean Master
[121]
7.9.1.2 File Shredding
The File Shredding practice deals with this situation with a more straight-
forward approach, overwriting the memory position which the pre-existing file
was allocated to with random bytes. The more that position will be overwritten,
the more will be the chances of erasing the original file data for good. There are
different opinions about the number of reiterations required for a proper File
Shredding elimination: for example, the NSA recommends 3, the Department of
Defense 7, while Peter Gutmann (who invented the Gutmann method) used even
35 reiterations for his most famous pattern. Everybody will make their own
assessment, but 35 may indeed be a disproportionate number, even if the
explanation makes sense (of course it does!); actually, however, 5-6 reiterations
may be enough for the randomization to allow an infinite number of file
rebuilding hypotheses. For the sake of clarity, today, the Gutmann method is not
effective anymore, because his studies were based on old patterns used in the
IDE Hard Disks of the late '90s. Furthermore, we have to consider that, from
2001 on, many storage media manufacturers focused on Data Shredding, to the
point to standardize their products with a technology known as ATA Secure
Eras
[122]
e; according to a research conducted in 2011, however, only half of the
worldwide manufacturers adopted this feature.
How to perform File Shredding
File Shredding is not particularly difficult; you can find many tools for any
Operating System. Unfortunately, however, no one (except BleachBit) is cross-
platform, therefore we must summarize one for each OS:
-
CCleaner
[123]
includes the Drive Wiping feature to clear the space occupied
by deleted files. Only available for Windows.
-
Once again, a huge number of File Shredding tools is also available for
Windows: Eraser
[124]
, Securely File Shredder
[125]
, Freeraser
[126]
, WipeFile
[127]
,
Secure Eraser
[128]
and many more.
-
On Mac OS/OSX, Permanent Eraser
[129]
is seemingly the most reliable one
-
The most recommended tool for GNU/Linux is shred
[130]
Do'stlaringiz bilan baham: |
