Hard drive: Difference between revisions
(38 intermediate revisions by 5 users not shown) | |||
Line 1: | Line 1: | ||
A hard drive records data (text, images, databases, | A hard drive records data (text, images, databases, software) on a magnetic platform. Originally independent peripherals, a desktop PC, tablet and smartphone will usually have one built in, that is where the operating system resides, you can expand storage with external drives attached to a hardware port, the main way peripherals are attached. This is the same technology used by cloud services, anything you store in the cloud, you must think of it as storing your data in another person´s hard drive, not yours, this means that they can read it and services like Dropbox and OneDrive automatically scan anything you upload to detect illegal images of child pornography, because it is their hard drive and not yours, they can do anything they want with it. | ||
Other technologies have partly replaced magnetic hard drives in consumer products: read-write optical drives (CDs, DVDs, and BluRay discs use this technology), and using RAM circuits | Other technologies have partly replaced magnetic hard drives in consumer products: read-write optical drives (CDs, DVDs, and BluRay discs use this technology), and using RAM circuits to act as memory, thus producing memory sticks and solid state disks. These are usually more expensive than rotating drives but have faster access and reliability because they have no moving parts, and therefore are less susceptible to catastrophic crashes, laptops, smartphones and tablets use solid state disk drives to store data because of their small size, reliability and low power consumption. | ||
== | == Forensic analysis == | ||
In an operating system there are always temporary files and logs created all over the place. Every time you open a document, view a picture or watch a video your operating very often creates a temporary copy in another part of the drive that is not visible to you but it will be found with specialist forensic tools, even with the browser in Private mode something could be left behind. | |||
You can buy programs like CyberScrub that claim to carry out military-grade erasure of all data, including temporary files, by overwriting it with multiple passes of a random algorithm or zeros and wiping hard drive free space, this makes it very difficult or impossible to recover the data but depending on many factors, like how good the software is, your computer unexpectedly crashing or permissions stopping data erasure, sometimes the software might not erase 100% of everything left behind. Another caveat of secure data erasing is that you don´t have the time to run the software every single day and if you lose your laptop it could be that the last time you securely erased the data was a week ago and every single page you visited and file you viewed will be found. Another common problem is that although the file can not be recovered, often the file name can still be read and this could be telling of the kind of file you viewed. | |||
One good way to secure your operating system is by fully encrypting it with a tool like VeraCrypt in Windows, Linux and Mac have different software that can do that. If for some reason you can´t encrypt your operating system and you care about privacy you should still use Private mode in your browser and use software to securely erase data but always bearing in mind that this might not be totally effective, learning how full disk encryption works it is well worth if the leakage of the personal data you hold could lead to life changing situations such as a divorce or financial ruin. There are also differences in between how data must be securely erased in a hard drive with plates, a solid state disk and a hybrid disk, with technology changing everyday day, the software that promises to securely wipe data might not be effective. | |||
Another excellent way to thwart a forensic analysis of your hard drive is by using a live operating system that runs in RAM such as Tails, for this you will need a USB thumbdrive, burn the Tails operating system in the USB and boot your computer from the USB drive, the instructions to do this can be found in the Tails homepage. When you run an operating system all in RAM logs are still created but as soon as you switch off the computer everything is going to be irrecoverable for ever because nothing was written on the disk to start with, your activities run in volatile RAM memory. You could also have a computer without a hard drive and run your operating system using a DVD where writing data is impossible, the caveat is that if you wish to save a document you downloaded you will have to do so in an external device as saving it to the operating system will be impossible since it resets to the original state every time you reboot the computer. | |||
to | |||
== Encryption == | |||
Data on a storage device can be encrypted, that is requiring some kind of password or similar to decode. [[Encryption]] is a major military topic. Both sides - as in World War Two - struggle to come with up with an encryption protocol that the other side can not figure out how to decode. | |||
== | There are ways various ways to bypass encryption, the most common is by trying to find non encrypted versions of your files in other parts of your operating system but this will not work if you have encrypted the whole operating system, in such a case the only way in is by trying to break the encryption scheme you used, Microsoft own encryption called Bitlocker offers you to save a backup of your decryption keys, that would be a way in if somebody finds them but if you use something like Veracrypt, which is open source and has been audited as not having any backdoor and assuming you used a long passphrase, the only way in would be what cryptographers call a ''brute force attack'' which consists in a farm of cloud computers trying multiple passwords every minute, to stop this attack Veracrypt slows down the numbers of tries you can make, it could take hundreds of years for anybody, including three letter agencies, to brute force a fully encrypted operating system, when such a case comes up the best course of action is to try and guess what password you might have used by going through all of your known passwords since people often reuse them. Some countries like the UK and Australia also have laws that punish with prison refusing to reveal your password to law enforcement. | ||
== See also == | |||
* [[Privacy Freeware]] | |||
* [[Erasure of digital information]] | |||
* [[Encryption]] | |||
[[Category:Technology]] |
Latest revision as of 14:46, 9 August 2022
A hard drive records data (text, images, databases, software) on a magnetic platform. Originally independent peripherals, a desktop PC, tablet and smartphone will usually have one built in, that is where the operating system resides, you can expand storage with external drives attached to a hardware port, the main way peripherals are attached. This is the same technology used by cloud services, anything you store in the cloud, you must think of it as storing your data in another person´s hard drive, not yours, this means that they can read it and services like Dropbox and OneDrive automatically scan anything you upload to detect illegal images of child pornography, because it is their hard drive and not yours, they can do anything they want with it.
Other technologies have partly replaced magnetic hard drives in consumer products: read-write optical drives (CDs, DVDs, and BluRay discs use this technology), and using RAM circuits to act as memory, thus producing memory sticks and solid state disks. These are usually more expensive than rotating drives but have faster access and reliability because they have no moving parts, and therefore are less susceptible to catastrophic crashes, laptops, smartphones and tablets use solid state disk drives to store data because of their small size, reliability and low power consumption.
Forensic analysis
In an operating system there are always temporary files and logs created all over the place. Every time you open a document, view a picture or watch a video your operating very often creates a temporary copy in another part of the drive that is not visible to you but it will be found with specialist forensic tools, even with the browser in Private mode something could be left behind.
You can buy programs like CyberScrub that claim to carry out military-grade erasure of all data, including temporary files, by overwriting it with multiple passes of a random algorithm or zeros and wiping hard drive free space, this makes it very difficult or impossible to recover the data but depending on many factors, like how good the software is, your computer unexpectedly crashing or permissions stopping data erasure, sometimes the software might not erase 100% of everything left behind. Another caveat of secure data erasing is that you don´t have the time to run the software every single day and if you lose your laptop it could be that the last time you securely erased the data was a week ago and every single page you visited and file you viewed will be found. Another common problem is that although the file can not be recovered, often the file name can still be read and this could be telling of the kind of file you viewed.
One good way to secure your operating system is by fully encrypting it with a tool like VeraCrypt in Windows, Linux and Mac have different software that can do that. If for some reason you can´t encrypt your operating system and you care about privacy you should still use Private mode in your browser and use software to securely erase data but always bearing in mind that this might not be totally effective, learning how full disk encryption works it is well worth if the leakage of the personal data you hold could lead to life changing situations such as a divorce or financial ruin. There are also differences in between how data must be securely erased in a hard drive with plates, a solid state disk and a hybrid disk, with technology changing everyday day, the software that promises to securely wipe data might not be effective.
Another excellent way to thwart a forensic analysis of your hard drive is by using a live operating system that runs in RAM such as Tails, for this you will need a USB thumbdrive, burn the Tails operating system in the USB and boot your computer from the USB drive, the instructions to do this can be found in the Tails homepage. When you run an operating system all in RAM logs are still created but as soon as you switch off the computer everything is going to be irrecoverable for ever because nothing was written on the disk to start with, your activities run in volatile RAM memory. You could also have a computer without a hard drive and run your operating system using a DVD where writing data is impossible, the caveat is that if you wish to save a document you downloaded you will have to do so in an external device as saving it to the operating system will be impossible since it resets to the original state every time you reboot the computer.
Encryption
Data on a storage device can be encrypted, that is requiring some kind of password or similar to decode. Encryption is a major military topic. Both sides - as in World War Two - struggle to come with up with an encryption protocol that the other side can not figure out how to decode.
There are ways various ways to bypass encryption, the most common is by trying to find non encrypted versions of your files in other parts of your operating system but this will not work if you have encrypted the whole operating system, in such a case the only way in is by trying to break the encryption scheme you used, Microsoft own encryption called Bitlocker offers you to save a backup of your decryption keys, that would be a way in if somebody finds them but if you use something like Veracrypt, which is open source and has been audited as not having any backdoor and assuming you used a long passphrase, the only way in would be what cryptographers call a brute force attack which consists in a farm of cloud computers trying multiple passwords every minute, to stop this attack Veracrypt slows down the numbers of tries you can make, it could take hundreds of years for anybody, including three letter agencies, to brute force a fully encrypted operating system, when such a case comes up the best course of action is to try and guess what password you might have used by going through all of your known passwords since people often reuse them. Some countries like the UK and Australia also have laws that punish with prison refusing to reveal your password to law enforcement.