SERVER SIDE REQUEST FORGERY (SSRF)
Understanding SSRF Attack: Server Side Request Forgery (SSRF) is a type of cyber attack, it is a web application vulnerability that has recently gained attention due to its potential for ...
Digital Forensics Jay Ravtole todayMarch 26, 2024
Error deleting is never safe. In a file system, deleting a file just deletes the file’s entry (pointer) from the file index. Consequently, the actual data is still present on the disk and is simply retrievable with the use of a simple data recovery program. Thus, before discarding, donating, or otherwise getting rid of your storage devices, make sure all of the data on them is entirely erased using a data erasure program.
A data erasing tool provides a variety of erasure techniques to guarantee that data is permanently erased and cannot be recovered. Erasure algorithms are a collection of guidelines and directives, or, to put it another way, a formula for erasing data from a memory device by simultaneously confirming it and overwriting it with random data bits (values/characters) one, two, or more times.
Globally, a variety of data erasure techniques are employed to remove sensitive, private, and confidential data entirely from memory devices, including hard drives, SSDs, SD cards, Flash drives, and the like, beyond the point of recovery. The most well-known military institutions in the world, including the US Department of Defense, as well as national and international governments, have created some of these erasure algorithms. These algorithms are made to make sure their private and secret files and data don’t leak, don’t end up in the hands of an enemy or unauthorized party, and can’t be recovered using any method that is commercially available.
Here are a few of the best data erasure standards & algorithms that you, as an individual or business, can utilize to guarantee data security and sanitization.
The DOD 5220.22-M, as defined by the US National Industrial Security Program (NISP), is also known as DOD 5220.2-M (notice that 22-M has been substituted with 2-M). The Defense Security Service (DSS) created it as a safe data sanitization method. It is also one of the most popular, safest, and improved erasure standards for data sanitization; it is applied in three and seven passes with different verification intervals.
Below are a few other popular versions of the DoD 5220.2-M:
The distinction between them is that each employs a character and its complement in varying verification frequencies and number of passes.
3 Passes
7 Passes
The US Army defined and published the AR 380-19 data erasing procedure in Army Regulation 380-19. This data erasure algorithm eliminates the data in three stages, as described below.
The United States Air Force (USAF) defined the AFSSI-5020 in its Air Force System Security Instruction 5020. This data sanitization approach employs zeros, ones, and pseudo-random values, however in a different order and number of passes. It is similar to DoD 5220.22-M.
The Royal Canadian Mounted Police defined this data sanitization algorithm. It uses six runs of complimentary repeating values before overwriting a pseudo-random character with verification on the seventh iteration.
Unlike DoD 5220.22-M that verifies overwrite after each overwrite, this algorithm verifies overwrite in the 7th pass only.
The British HMG IS5 erasure standard employs two or three passes to write a combination of zero, one, and random data with verification. The British HMG IS5 three pass is far superior to the two passes.
2 pass British HMG IS5:
3 Pass British HMG IS5
Peter Gutmann invented the Gutmann data sanitization technique in 1996. It is one of several software-based data sanitization standards used by data erasure tools to overwrite existing data on a hard disk or other storage media.
The Peter Gutmann algorithm works by repeatedly overwriting some pseudo-random values (35 passes). The Gutmann method uses random values for the first and last four passes, followed by a complex pattern from passes 5 to 31.
Pass 1-35: Overwrites pseudo-random values
Because this was designed in the late 1900s, most of the passes may not be applicable to modern drives. Erasing a single file 35 can take from minutes to hours or days, depending on the file size and write speed of the memory media. Nonetheless, this method is one of the most effective at removing all traces of data from storage systems.
GOST-R-50739-95 is a set of data erasure standards developed by Russians to prevent unwanted access to information. This data sanitization algorithm is applied in the following ways:
Method 1:
Method 2:
Pass 1: Overwrites random characters
All data erasure methods are quite similar apart from the number of passes and what or how the character is written over existing data. They all are equally capable of destroying the data from a storage media. But with a tool such as Stellar File Eraser, you can choose your desired data erasure algorithm to accomplish the data sanitization. Unlike other erasure tools, the Stellar File Eraser also generates a certificate of erasure that gives you complete peace of mind and guarantees that the data is destroyed permanently beyond the scope of recovery.
We talked about data security and seven practical data erasure algorithms that any individual or organization can utilize to sanitize data. Before wiping a memory device, be sure there are no vital files that you will require later. When you employ an erasure algorithm to wipe data, it cannot be recovered under any circumstances, including with available forensic tools. Thus, exercise extreme caution before starting with data sanitization.
Written by: Jay Ravtole
Tagged as: Peter Gutmann, Hawk Eye Forensic, Russian Standard – GOST-R-50739-95, hawk eye forensic lab, File deletion algorithms, Data erasure techniques, Permanently Erasing Files, Secure file deletion methods, Permanently Erasing Files and Folders, Data sanitization algorithms, U.S. Department of Defense (DoD 5220.22-M), Secure deletion software, US Army AR 380-19, File shredding algorithms, US Air Force AFSSI-5020, Data destruction methods, Canadian RCMP TSSIT OPS-II, Military-grade file wiping, British HMG IS5, Secure file deletion protocols.
Understanding SSRF Attack: Server Side Request Forgery (SSRF) is a type of cyber attack, it is a web application vulnerability that has recently gained attention due to its potential for ...
Digital Forensics Anjali Singhal
Digital Forensics Anjali Singhal / May 20, 2024
Introduction In the modern digital landscape, the threat of malware looms large over individuals, businesses, and governments alike. Malware, short for malicious software, encompasses a variety of harmful programs designed to disrupt, damage, or gain unauthorized access to computer systems. With cyber threats becoming more sophisticated, the field of malware forensic analysis has become crucial. ...
Copyright 2023 all rights reserved by Hawk Eye Forensic.
Post comments (0)