Home page
Forensic Bulletin Request Form
Forensic Bulletin Back Issues
Investigation Services
Laboratory Services
Computer Forensic Systems

Irresponsible reporting or Privacy for the Paranoid?

Previous Page Volume 4, Issue 1 Contents Next Page

A large circulation monthly computing magazine in the UK struck a blow for IT Security teams and law enforcement Officers this month. Not only did it attach a full working copy of evidence eliminator 3.1 on the free cover CD, but it also printed a five-page article on how to "cover your tracks".

Perhaps there is a legitimate use for software of this kind to ensure that spouses or children do not stumble across the hundreds of pornographic sites you have been visiting. However, should we be equipping the paedophile so easily with software of this type? And what about the corporate environment. If staff have been time wasting or breaking email or Internet policies, should they really be allowed to cover up their tracks?

On this last question, IT Security Officers and policy writers can do something. Start by ensuring that policies explicitly ban the use of software of this type within your organisation. Arguments as to a legitimate use for software such as Internet Cleanup, Quickclean, Surfsecret and Window Washer in the work environment are non-starters. This type of software will never delete all the traces that you want it to from hard drives.

If you want to effectively remove all sensitive data from a disk, then follow Vogon's advice from a recent survey of data erasure products for Network News. We looked at FormatSecure, WipePro, BCWipe, DataEraser, SCSI Bios-based data destruction, Powerquest, an electric sander and a hammer. The best two ways of deleting all the data off the drives were to use a hammer or the electric sander. Although it took time to take the platters apart and a long time sanding, the sander was significantly easier to use (and less dangerous – protective clothing must be worn!) than the hammer. All the software methods were less effective.

So for confidential and sensitive data there is no alternative but to destroy your disks once you do not require them anymore. Do not pass the drives onto charities or Schools with the hard disk still inside.

As for your employees eliminating evidence of what they have been up to, tighten up your policies and carry out spot audits to ensure that this type of software is not being used within your organisation.


  Home Page | Investigation Services | Laboratory Services | Forensic Systems