By now most of us know that when we delete a file from our computer it isn’t really gone – the space is merely marked as being available for reuse. Unlike in the physical world, where we can easily shred or burn documents we wish to dispose of (and put the others out in the same trash bag as the kitchen waste and used kitty litter) it’s relatively hard to do the same on our PCs.
If our operating systems and applications were designed with privacy in mind, we could simply tell them that we don’t want to retain any browsing history, that our web cache and cookies should be deleted when we close our browser, that we aren’t interested in being presented with a list of our most recently used files, and that the last date/time a file was read isn’t necessary information. We could also tell them to overwrite disk space when they are done with it.
The technical reasons behind some of these issues were originally performance related, but given the speed of computers these days, there is no good reason that our computer needs to keep notes on what we’ve been using it for.
Of course when one brings up these issues, there are those who ask, “What do you have to hide?” Child pornography is an often-quoted example of why computer forensics is a good thing, and I certainly agree that child pornographers should receive an express ticket to jail (or worse). But I’m not willing to give up fundamental privacy rights and live in digital glass houses in order to make it easier to catch criminals.
I’ve written before about hard drive encryption, and full drive encryption remains the best way to safeguard your privacy. The enhanced BitLocker functionality in Windows 7, combined with the TPM chip in many new computers, is a move in the right direction. The open source TrueCrypt project is great, but they need to adapt quickly to the new realities of Windows 7.
Self-encrypting hard drives appear to be a promising technology, but while vendors brag about them, they aren’t readily available and technical information remains marginal at best. If — as a security professional and writer — I can’t get my hands on one to test, I have to conclude that they’re not a viable option at this time.
Then there are software products that perform tasks such as wiping free space and deleting unwanted browser histories. From a functional security perspective, products like Evidence Eliminator can perform a nice clean-up of your computer, deleting temporary files, browser artefacts, and wiping unused hard drive space to eliminate ‘deleted’ data. But “Evidence Eliminator” is a really bad idea.
From a security perspective, this product (and to be fair many others in the same category) often creates a bigger problem than it solves: While they do a good job of removing unwanted data, they also do a fantastic job of creating evidence that you ran “Evidence Eliminator”. It is quite amusing to read of people attempting to explain in court that they didn’t delete data pertaining to the matter in front of the court when they ran “Evidence Eliminator”. By definition, if you’re eliminating evidence, you look guilty.
Ironically, by calling the product “Evidence Eliminator”, the vendor has made performing clean-up tasks that may be quite reasonable in many circumstances look like a criminal act.
Imagine you’re at work and someone you know emails a URL. You download a file you expect contains something humorous and end up with porn on your work computer. Sure, we can discuss why you shouldn’t have downloaded it in the first place, but there are countless scenarios that could result in you having some type of data on your drive that you don’t want.
In the physical world, you could toss it in the shredder bin, take it home and put it in the fireplace, or otherwise dispose of it. We should have the same ability with data. But it’s just real deletion that we want, not evidence elimination.
On the off chance that enterprising developers are reading, there are two products missing from the market – or at least I can’t find them!
The first is a clean-up product that runs entirely from a USB stick and does not require installation on the PC. Running it would clean up the hard drive, overwrite browser artefacts, temporary files, wipe free hard drive space, etc. In fact, it would do most of the things that Evidence Eliminator does – except the purpose would be to clean up the computer and protect privacy – not destroy evidence.
The second is an installable package that monitors system use and cleans up after the user automatically. In short, it would protect privacy by doing what the operating system and applications should offer to do themselves: really deleting data.
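The “real deletion” primitive both of these products would be built on is overwrite-then-unlink: replace the file’s bytes on disk before releasing the blocks, so that ordinary deletion no longer leaves the content lying in free space as the opening paragraph describes. The Python below is an added example, not code from the post or from any product named in it; the function names, the 64 KiB chunk size and the sample file are my own choices. It also carries the caveat a practitioner needs: on SSDs with wear levelling, on copy-on-write or journaling filesystems, and on volumes with snapshots, the old blocks can survive an in-place overwrite, which is exactly why the post puts full-disk encryption first.

```python
import os
import secrets
import tempfile

# Added example (not from the post): overwrite a file in place before unlinking it.
# Caveat: SSD wear levelling, copy-on-write/journaling filesystems and snapshots can
# retain the old blocks regardless of what is written through the file handle.

CHUNK = 1 << 16  # 64 KiB write size, an arbitrary choice


def overwrite_and_unlink(path: str, passes: int = 1) -> int:
    """Overwrite every byte of `path` with random data `passes` times, push the
    writes to the device, verify the head of the file changed, then unlink.
    Returns the total number of bytes written."""
    size = os.path.getsize(path)
    with open(path, "r+b") as fh:
        original_head = fh.read(64)
        for _ in range(passes):
            fh.seek(0)
            remaining = size
            while remaining > 0:
                n = min(remaining, CHUNK)
                fh.write(secrets.token_bytes(n))
                remaining -= n
            fh.flush()
            os.fsync(fh.fileno())  # ask the OS to flush to storage, not just the page cache
        fh.seek(0)
        if size > 0 and fh.read(64) == original_head:
            # A 64-byte random collision is negligible; equality means the write did not land.
            raise RuntimeError("overwrite did not take effect")
        fh.truncate(0)             # release the blocks only after they hold random data
        fh.flush()
        os.fsync(fh.fileno())
    os.unlink(path)
    return size * passes


def make_sample_file(content: bytes) -> str:
    """Create a constructed sample file holding `content` and return its path."""
    fd, path = tempfile.mkstemp(prefix="realdelete-")
    with os.fdopen(fd, "wb") as fh:
        fh.write(content)
    return path


def is_gone(path: str) -> bool:
    """True once the directory entry no longer exists."""
    return not os.path.exists(path)


if __name__ == "__main__":
    sample = make_sample_file(b"constructed secret content\n" * 1000)
    print("bytes overwritten:", overwrite_and_unlink(sample, passes=2))
    print("file removed:", is_gone(sample))
```

Running the module wipes a throwaway file it creates itself; pointing `overwrite_and_unlink` at a real file is destructive by design, and on the storage types named in the caveat it should be treated as best effort rather than proof of erasure.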
Thoughts? Questions? Ideas?
Let’s hear ‘em!