Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

How effective IS secure over-writing? 3

Status
Not open for further replies.

spy1

Technical User
Jun 9, 2006
26
US
Situation: Dad (me) very active politically online - especially as regards out-of-control Executive Branch extension of power

Son - 20 year old normal male, likes porn sites.

Can you tell me whether following the "exit strategy" will be sufficient to make "bad" stuff totally non-recoverable on this SOHO computer?

(Note that Windows is set to clear the swapfile at re-start and Page Defrag from SysInternals - sysinternals.com/Utilities/PageDefrag.html - is set to run automatically at every re-start. SystemRestore is totally dis-abled, as are RemoteRegistry and RemoteDesktop.

All browsers - IE, FireFox, Opera - are set to delete personal data/clear temp files/not remember history for longer than one day/remove d/l history upon exit, etc.)

Run CleanCache v3.2 - buttuglysoftware.com with all options set re: finding/deleting what's found - 35 single wiping passes - with no back-ups permitted. (Covers all three browsers and is actually pretty awesome in and of itself - notwithstanding the fact that it requires the .Net framework).

Run CCleaner v.1.28.277 - ccleaner.com, set likewise except for a seven-wipe max (it's catches a couple of things that CC misses, mainly the jre caches and Windows Update un-install stuff). No logs allowed.

Run Index.dat Suite - support.it-mate.co.uk/?mode=Products&p=index.datsuite - to make absolutely sure all index.dats are found and deleted. (No "back-ups" and all other cleaning functions selected in that, too, although to just "deletes", doesn't multiple-pass over-write). No logs allowed.

Re-start computer.

Run SpyBot Search&Destroy, followed immediately by NTREGOPT and another re-start. No logging allowed.

At that point - having deleted everything I can possibly think of - I start off a single "free-space" wipe with Eraser Version 5.7 - heidi.ie/eraser/ as I'm walking out the door.

(Eraser also does another "free-space" wipe - scheduled - nightly).

Can anyone think of anything I'm missing? Maybe in regard to the .Net Framework stuff? Pete
 
I take it you're disposing of computer?

If you're that concerned, I would have purchased a new hard drive, install the bundled OS and apps on it, and taken a ball peen hammer to the old HD.
 
A low-level format will write a '0' over every byte.
A few low-level formats should ensure that no one short of the FBI will bother you.

If that's still a problem, put the hard drive close to a strong magnetic field.. Or the ball-peen hammer solution.

"That time in Seattle... was a nightmare. I came out of it dead broke, without a house, without anything except a girlfriend and a knowledge of UNIX."
"Well, that's something," Avi says. "Normally those two are mutually exclusive."
-- Neal Stephenson, "Cryptonomicon"
 
The only way to be sure is to demolish the physical media, not just dent it a few times with a hammer, or wipe it with a magnet. DOD still pulverizes many hard drives at their end of life.

As Trevoke pointed out, nobody but the FBI, and they have plenty of other ways to check you out if they really want to.

Out of control? Google on “Carnivore”


Steve
 
Um - guys? I'm not planning to dispose of the computer.

That's my DAILY "exit routine" before stepping away from the computer to go to work.

The point of laying it out was to find out if any of you could point to anything that I was conceivably missing as far as erasing un-necessary stuff went. Pete
 
Your ISP will have logs on the IPs accessed from your computer. I wonder if they are sharing them with the NSA yet?

Cheers,
ND [smile]
 
<g> I'm sure they are - that's the whole point. I'm trying to ensure the possibility of a "plausible deniability" defense if it's ever needed.

IOW, if nothing incriminating can be found on the HD itself, the ISP records' impact could be minimized if not eliminated entirely through a "Hey - who knows what goes through my connection - the stupid light blinks all the time whether I'm actually doing anything (or even there ) or not?".
 
Anything else, and it will still be processing when you return home at night! :)

-David
2006 Microsoft Most Valueable Professional (MVP)
2006 Dell Certified System Professional (CSP)
 
spy1:

Have you thought about just running a computer without a hard drive? There are many live linux cd's that operate that way. NO hard drive = NO evidence.
 
BTDT - No, but it sounds like something that I really need to check into. Thanks! Pete
 
Knoppix is a good one to check out, we've used that here before.


Carlsberg don't run I.T departments, but if they did they'd probably be more fun.
 
spy1:

Here is a simple one that you can burn to a mini-cd and carry around with you to use on virtually any computer.


After you get familiar with it, you may want to go with the larger ones like Knoppix that let you save personal settings to a removable pen drive.
 
Cool! Thanks again, I'll start checking it out tomorrow. And Knoppix shortly thereafter, I'm sure, Grenage.

Great place! Pete
 
I've an old teletype terminal with 300 baud accoustic coupler (No screen) after each browsing session I shread the paper output and then burn it. That way no-one can pickup the radiation output of my monitor.

Mike

"A foolproof method for sculpting an elephant: first, get a huge block of marble, then you chip away everything that doesn't look like an elephant."

 
but if anything, your ISP records will be tracking this advice request.

Hope this Helps.

Neil J Cotton
njc Information Systems
Systems Consultant
 
At least ISP's don't give out information to the press, especially over legal things.


Carlsberg don't run I.T departments, but if they did they'd probably be more fun.
 
But surely by posting this online you've already wiped your denialbilty away. This thread will be around for a long timr, and If google does a sweep, then it's in their archives as well. I'm afraid you've shot yourself in the foot. (Although technically that phase is misused, because shooting yourself in the foot in the 1st world war mean't you didn't become machine gun fodder..hey ho).

Only the truly stupid believe they know everything.
Stu.. 2004
 
lol! The good info was worth it - the other posts were good for a grin. I'll gladly give up my own plausible deniability that others may have it. Pete
 
Unless of course you're accessing the forums from a laptop at the top of someone elses telephone pole ;)


Carlsberg don't run I.T departments, but if they did they'd probably be more fun.
 
Yes, Googling "spy1" returns everything in the universe on me, but that's okay - I don't care.

I really do appreciate all the good info I've gotten here, and I'll try to return the favor if the opportunity arises. Pete
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top