Computers-Hacking
See other Computers-Hacking Articles
Title: Intro: Cleanliness is Next to Godliness: Browser cookies
Source:
LF
URL Source: [None]
Published: Feb 9, 2012
Author: buckeroo
Post Date: 2012-02-09 20:46:51 by buckeroo
Keywords: None
Views: 5751
Comments: 3
Intro: Cleanliness is Next to Godliness: Browser cookies In all cases of the above expression, some computer users leave the cleanliness of a computer to pure “happenchance” or at best an archaic process of deleting a file or a cache memory which is not much more than having your dawg lick a plate after dinner and subsequently placing the plate back on the shelf for re-use as clean. File or cache deletion is an unwise practice through the use of most popular web browsers: Cookie Monster: My browser has cookies? I did not know that. The best or optimal method to ensure proper file deletion is through a third party application that overwrites the data with any number of user selected methods from simple to extremely complex. The third party application opens the file (cache) that you selected assuming the file is not already in use. That same application then over-writes the contents of the file with the user selected method (typically a pseudo-random code) and then deletes the file pointer thus losing the data in resident memory. Again, the only way to ensure that deleted files, as well as files that you encrypt with EFS or other encryption methods (I shall cover this in the next section of this series) that are safe from recovery is to use a secure delete application. Secure delete applications overwrite a selected file using techniques that have proven to make disk data unrecoverable, even using the most modern recovery technology that can read patterns in various forms of media that reveal weakly deleted files. This is the introduction to a five part series that I plan for security reasons about your own physical and intellectual property. The series shall describe simple or easy & cost effective AND proven methods of keeping your Windows computer clean from intrusion, snooping and what I refer to leaving “breadcrumbs.” Here are the five parts: We often think of the above expression as a method of keeping “mind, body, soul, heart, word and deed” in a state of salvation (from a western cultural perspective) or a state of nirvana (from an eastern cultural perspective) in an effort to identify ourselves with a Creator or perhaps called a Supreme Being.
(1 image)
The fundamental idea is that you don’t delete the cookies. Simple deletion is tantamount to leaving “breadcrumbs.” You eat the cookies. The problem with your local cache memory using the normal web browser and other applications “deletion functions” is all it performs in the deletion process is the deletion of the file pointers to memory (typically on the HDD) and then reassigns a new memory pointer (typically on the HDD) to a new position particularly in most versions of Windows OS. The caveat is: old data is still resident in memory for any exposure towards unintended eyes to where the earlier pointer was originally pointed towards.
Cookie Monster: Where can I find them? I want to eat them.
buckeroo: Ummm, maybe we should start with clearing your cache.
Cookie Monster: Ok, how do I do that?
Post Comment Private Reply Ignore Thread
Top • Page Up • Full Thread • Page Down • Bottom/Latest
Begin Trace Mode for Comment # 2.
#2. To: buckeroo, *Jack-Booted Thugs* (#0)
Shred can only be used to overwrite files, and its use, while effective is relatively basic. What about the copies of data stored in your RAM, or in swap? And what about all the empty space on your hard drive, which was once full of personal, private information? The magnetic traces of that data is still lingering around, and if you’re getting rid of your hard drive, you’ll probably want to make sure it’s wiped before allowing the possibility of it falling into the wrong hands. The Secure-Delete tools are a particularly useful set of programs that use advanced techniques to permanently delete files. To install the Secure-Delete tools in Ubuntu, run: The Secure-Delete package comes with four commands: srm – secure remove Passes Filesystems Another thing to note is that RAID configurations and networked filesystems may affect the performance and effectiveness of these tools. Using a networked filesystem, for example, unless you can SSH into the remote computer, you can’t wipe the machine’s memory and swap. With RAID striping, there are more disks to consider, hence more redundant data traces, so you may want to consider doing a few extra passes. especially using the shred tool. If you are throwing away an old hard drive (or giving/selling it to someone), have files with personal information you don’t want anyone to be able to access, or are just a paranoid-type in general, it’s important to make sure your deleted files are permanently gone. Using some simple command line tools, you can easily and effectively delete files permanently in Linux. These are simple commands that everyone should know how to use, and can come in handy if your privacy is of concern to you. techthrob.com/2009/03/02/...ly-and-securely-in-linux/
#3. To: hondo68 (#2)
Thanks for the tips. The next presentation shall discuss your ideas in detail.
Top • Page Up • Full Thread • Page Down • Bottom/Latestthe Secure-Delete tools use a default of 38 passes
Command Function srm Secure remove; used for deleting files or directories currently on your hard disk; smem Secure memory wiper; used to wipe traces of data from your computer’s memory (RAM); sfill Secure free space wiper; used to wipe all traces of data from the free space on your disk; sswap Secure swap wiper; used to wipe all traces of data from your swap partition.
This tool is basically a more advanced version of the “shred” command. Instead of just overwriting your files with random data, it uses a special process – a combination of random data, zeros, and special values developed by cryptographer Peter Gutmann – to really, really make sure your files are irrecoverable. It will assign a random value for the filename, hiding that key piece of evidence.
A commonly asked question is, “how many passes does it take before a file can’t possibly be recovered by advanced tools, such as those used by law-enforcement? The answers here vary, and you can get a lot of extra information via google, but the basics are that the US Government’s standard is 7 passes, while data has been known to be recovered from as many as 14 passes. The “shred” tool allows you to specify the number of passes you wish to make, while the Secure-Delete tools use a default of 38 passes (enabling the “fast” and “lessen” options on the secure-delete tools significantly decreases the number of passes, however). Of course, more passes means more time, so there’s a trade-off here; depending on how private the data is, and how much time you have available, you may want to use a fewer or greater of passes.
Replies to Comment # 2.
End Trace Mode for Comment # 2.
[Home] [Headlines] [Latest Articles] [Latest Comments] [Post] [Mail] [Sign-in] [Setup] [Help] [Register]