[SATLUG] OT: Prep for safe equipment disposal
wmail at dslextreme.com
Mon Oct 26 22:24:25 CDT 2015
Alan Lesmerises wrote:
>I have more than a couple of computers, external hard drives, flash
>drives, etc., and at least some of them will have some sensitive
>information on them. ... to securely wipe all the data off of them
>What would be your suggestions for looking for a service like that?
I think you're looking at this from the wrong end. Sensitive data should
be properly encrypted so it is useless as it sits on the media until you
personally unlock it each time it is needed. The more valuable something
is -- either by its secrecy (proverbial formula for Coca-Cola) or by
exploiting its knowledge (numbered Swiss bank account) -- the more
layers of defense should be considered. You probably don't need an
isolated system built of pre-1970 components in a Faraday-cage room, but
it's sobering to know there are people whose job it is to exfiltrate
data from just such a setting.
Perhaps the keys to certain repositories could be trusted also to your
lawyer (under attorney-client privilege) for items that may need to
survive you, but it general I'd follow the adage: "Two may keep a secret
if one of them is dead."
Unfortunately, recent revelations about how badly the secure software &
hardware industry worldwide has been polluted by the NSA and the like
make this considerably easier said then done. --Don
Puns happen because bad people exploit security flaws in language.
More information about the SATLUG