Search This Blog

Saturday, September 21, 2024

Data erasure

From Wikipedia, the free encyclopedia
https://en.wikipedia.org/wiki/Data_erasure

Data erasure (sometimes referred to as data clearing, data wiping, or data destruction) is a software-based method of data sanitization that aims to completely destroy all electronic data residing on a hard disk drive or other digital media by overwriting data onto all sectors of the device in an irreversible process. By overwriting the data on the storage device, the data is rendered irrecoverable.

Ideally, software designed for data erasure should:

  1. Allow for selection of a specific standard, based on unique needs, and
  2. Verify the overwriting method has been successful and removed data across the entire device.

Permanent data erasure goes beyond basic file deletion commands, which only remove direct pointers to the data disk sectors and make the data recovery possible with common software tools. Unlike degaussing and physical destruction, which render the storage media unusable, data erasure removes all information while leaving the disk operable. New flash memory-based media implementations, such as solid-state drives or USB flash drives, can cause data erasure techniques to fail allowing remnant data to be recoverable.

Software-based overwriting uses a software application to write a stream of zeros, ones or meaningless pseudorandom data onto all sectors of a hard disk drive. There are key differentiators between data erasure and other overwriting methods, which can leave data intact and raise the risk of data breach, identity theft or failure to achieve regulatory compliance. Many data eradication programs also provide multiple overwrites so that they support recognized government and industry standards, though a single-pass overwrite is widely considered to be sufficient for modern hard disk drives. Good software should provide verification of data removal, which is necessary for meeting certain standards.

To protect the data on lost or stolen media, some data erasure applications remotely destroy the data if the password is incorrectly entered. Data erasure tools can also target specific data on a disk for routine erasure, providing a hacking protection method that is less time-consuming than software encryption. Hardware/firmware encryption built into the drive itself or integrated controllers is a popular solution with no degradation in performance at all.

Encryption

When encryption is in place, data erasure acts as a complement to crypto-shredding, or the practice of 'deleting' data by (only) deleting or overwriting the encryption keys.

Presently, dedicated hardware/firmware encryption solutions can perform a 256-bit full AES encryption faster than the drive electronics can write the data. Drives with this capability are known as self-encrypting drives (SEDs); they are present on most modern enterprise-level laptops and are increasingly used in the enterprise to protect the data. Changing the encryption key renders inaccessible all data stored on a SED, which is an easy and very fast method for achieving a 100% data erasure. Theft of an SED results in a physical asset loss, but the stored data is inaccessible without the decryption key that is not stored on a SED, assuming there are no effective attacks against AES or its implementation in the drive hardware.

Importance

Information technology assets commonly hold large volumes of confidential data. Social security numbers, credit card numbers, bank details, medical history and classified information are often stored on computer hard drives or servers. These can inadvertently or intentionally make their way onto other media such as printers, USB, flash, Zip, Jaz, and REV drives.

Data breach

Increased storage of sensitive data, combined with rapid technological change and the shorter lifespan of IT assets, has driven the need for permanent data erasure of electronic devices as they are retired or refurbished. Also, compromised networks and laptop theft and loss, as well as that of other portable media, are increasingly common sources of data breaches.

If data erasure does not occur when a disk is retired or lost, an organization or user faces a possibility that the data will be stolen and compromised, leading to identity theft, loss of corporate reputation, threats to regulatory compliance and financial impacts. Companies spend large amounts of money to make sure their data is erased when they discard disks. High-profile incidents of data theft include:

  • CardSystems Solutions (2005-06-19): Credit card breach exposes 40 million accounts.
  • Lifeblood (2008-02-13): Missing laptops contain personal information including dates of birth and some Social Security numbers of 321,000.
  • Hannaford (2008-03-17): Breach exposes 4.2 million credit, debit cards.
  • Compass Bank (2008-03-21): Stolen hard drive contains 1,000,000 customer records.
  • University of Florida College of Medicine, Jacksonville (2008-05-20): Photographs and identifying information of 1,900 on improperly disposed computer.
  • Oklahoma Corporation Commission (2008-05-21): Server sold at auction compromises more than 5,000 Social Security numbers.
  • Department of Finance, the Australian Electoral Commission and National Disability Insurance Agency (2017-11-02) - 50,000 Australians and 5000 Federal Public servant records.

Regulatory compliance

Strict industry standards and government regulations are in place that force organizations to mitigate the risk of unauthorized exposure of confidential corporate and government data. Regulations in the United States include HIPAA (Health Insurance Portability and Accountability Act); FACTA (The Fair and Accurate Credit Transactions Act of 2003); GLB (Gramm-Leach Bliley); Sarbanes-Oxley Act (SOx); and Payment Card Industry Data Security Standards (PCI DSS) and the Data Protection Act in the United Kingdom. Failure to comply can result in fines and damage to company reputation, as well as civil and criminal liability.

Preserving assets and the environment

Data erasure offers an alternative to physical destruction and degaussing for secure removal of all the disk data. Physical destruction and degaussing destroy the digital media, requiring disposal and contributing to electronic waste while negatively impacting the carbon footprint of individuals and companies. Hard drives are nearly 100% recyclable and can be collected at no charge from a variety of hard drive recyclers after they have been sanitized.

Limitations

Data erasure may not work completely on flash based media, such as Solid State Drives and USB Flash Drives, as these devices can store remnant data which is inaccessible to the erasure technique, and data can be retrieved from the individual flash memory chips inside the device. Data erasure through overwriting only works on hard drives that are functioning and writing to all sectors. Bad sectors cannot usually be overwritten, but may contain recoverable information. Bad sectors, however, may be invisible to the host system and thus to the erasing software. Disk encryption before use prevents this problem. Software-driven data erasure could also be compromised by malicious code.

Differentiators

Software-based data erasure uses a disk accessible application to write a combination of ones, zeroes and any other alpha numeric character also known as the "mask" onto each hard disk drive sector. The level of security when using software data destruction tools is increased dramatically by pre-testing hard drives for sector abnormalities and ensuring that the drive is 100% in working order. The number of wipes has become obsolete with the more recent inclusion of a "verify pass" which scans all sectors of the disk and checks against what character should be there, i.e., one pass of AA has to fill every writable sector of the hard disk. This makes any more than one pass an unnecessary and certainly a more damaging act, especially in the case of large multi-terabyte drives.

Full disk overwriting

While there are many overwriting programs, only those capable of complete data erasure offer full security by destroying the data on all areas of a hard drive. Disk overwriting programs that cannot access the entire hard drive, including hidden/locked areas like the host protected area (HPA), device configuration overlay (DCO), and remapped sectors, perform an incomplete erasure, leaving some of the data intact. By accessing the entire hard drive, data erasure eliminates the risk of data remanence.

Data erasure can also bypass the Operating System (OS). Overwriting programs that operate through the OS will not always perform a complete erasure because they cannot modify the contents of the hard drive that are actively in use by that OS. Because of this, many data erasure programs are provided in a bootable format, where you run off a live CD that has all of the necessary software to erase the disk.

Hardware support

Data erasure can be deployed over a network to target multiple PCs rather than having to erase each one sequentially. In contrast with DOS-based overwriting programs that may not detect all network hardware, Linux-based data erasure software supports high-end server and storage area network (SAN) environments with hardware support for Serial ATA, Serial Attached SCSI (SAS) and Fibre Channel disks and remapped sectors. It operates directly with sector sizes such as 520, 524, and 528, removing the need to first reformat back to 512 sector size. WinPE has now overtaken Linux as the environment of choice since drivers can be added with little effort. This also helps with data destruction of tablets and other handheld devices that require pure UEFI environments without hardware NIC's installed and/or are lacking UEFI network stack support.

Standards

Many government and industry standards exist for software-based overwriting that removes the data. A key factor in meeting these standards is the number of times the data is overwritten. Also, some standards require a method to verify that all the data have been removed from the entire hard drive and to view the overwrite pattern. Complete data erasure should account for hidden areas, typically DCO, HPA and remapped sectors.

The 1995 edition of the National Industrial Security Program Operating Manual (DoD 5220.22-M) permitted the use of overwriting techniques to sanitize some types of media by writing all addressable locations with a character, its complement, and then a random character. This provision was removed in a 2001 change to the manual and was never permitted for Top Secret media, but it is still listed as a technique by many providers of the data erasure software.

Data erasure software should provide the user with a validation certificate indicating that the overwriting procedure was completed properly. Data erasure software should also comply with requirements to erase hidden areas, provide a defects log list and list bad sectors that could not be overwritten.

Overwriting Standard Date Overwriting Rounds Pattern Notes
U.S. Navy Staff Office Publication NAVSO P-5239-26 1993 3 A character, its complement, random Verification is mandatory
U.S. Air Force System Security Instruction 5020 1996 3 All zeros, all ones, any character Verification is mandatory
Peter Gutmann's Algorithm 1996 1 to 35 Various, including all of the other listed methods Originally intended for MFM and RLL disks, which are now obsolete
Bruce Schneier's Algorithm 1996 7 All ones, all zeros, pseudo-random sequence five times
Standard VSITR of Germany Federal Office for Information Security 1999 7 The disk is filling with sequences 0x00 and 0xFF, and on the last pass - 0xAA.
U.S. DoD Unclassified Computer Hard Drive Disposition 2001 3 A character, its complement, another pattern
German Federal Office for Information Security 2004 2 to 3 Non-uniform pattern, its complement
Communications Security Establishment Canada ITSG-06 2006 3 All ones or zeros, its complement, a pseudo-random pattern For unclassified media
NIST SP-800-88 2006 1 ?
U.S. National Industrial Security Program Operating Manual (DoD 5220.22-M) 2006 3 ? No longer specifies any method.
NSA/CSS Storage Device Declassification Manual (SDDM) 2007 0 ? Degauss or destroy only
New Zealand Government Communications Security Bureau NZSIT 402 2008 1 ? For data up to Confidential
Australian Government ICT Security Manual 2014 – Controls 2014 1 Random pattern (only for disks larger than 15 GB) Degauss magnetic media or destroy Top Secret media
NIST SP-800-88 Rev. 1 2014 1 All zeros Outlines solutions based on media type.
British HMG Infosec Standard 5, Baseline Standard ? 1 Random Pattern Verification is mandatory
British HMG Infosec Standard 5, Enhanced Standard ? 3 All ones, all zeros, random Verification is mandatory

Data can sometimes be recovered from a broken hard drive. However, if the platters on a hard drive are damaged, such as by drilling a hole through the drive (and the platters inside), then the data can only theoretically be recovered by bit-by-bit analysis of each platter with advanced forensic technology.

Number of overwrites needed

Data on floppy disks can sometimes be recovered by forensic analysis even after the disks have been overwritten once with zeros (or random zeros and ones).

This is not the case with modern hard drives:

  • According to the 2014 NIST Special Publication 800-88 Rev. 1, Section 2.4 (p. 7): "For storage devices containing magnetic media, a single overwrite pass with a fixed pattern such as binary zeros typically hinders recovery of data even if state of the art laboratory techniques are applied to attempt to retrieve the data." It recommends cryptographic erase as a more general mechanism.
  • According to the University of California, San Diego Center for Magnetic Recording Research's (now its Center for Memory and Recording Research) "Tutorial on Disk Drive Data Sanitization" (p. 8): "Secure erase does a single on-track erasure of the data on the disk drive. The U.S. National Security Agency published an Information Assurance Approval of single-pass overwrite, after technical testing at CMRR showed that multiple on-track overwrite passes gave no additional erasure." Secure erase is a feature built into modern hard drives and solid-state drives that overwrites all data on a disk, including remapped (error) sectors.
  • Further analysis by Wright et al. seems to also indicate that one overwrite is all that is generally required.

Even the possibility of recovering floppy disk data after overwrite is disputed. Gutmann's famous article cites a non-existent source and sources that do not actually demonstrate recovery, only partially-successful observations. Gutmann's article also contains many assumptions that indicate his insufficient understanding of how hard drives work, especially the data processing and encoding process. The definition of "random" is also quite different from the usual one used: Gutmann expects the use of pseudorandom data with sequences known to the recovering side, not an unpredictable one such as a cryptographically secure pseudorandom number generator.

E-waste and information security

The e-waste centre of Agbogbloshie, Ghana.

E-waste presents a potential security threat to individuals and exporting countries. Hard drives that are not properly erased before the computer is disposed of can be reopened, exposing sensitive information. Credit card numbers, private financial data, account information and records of online transactions can be accessed by most willing individuals. Organized criminals in Ghana commonly search the drives for information to use in local scams.

Government contracts have been discovered on hard drives found in Agbogbloshie.

Degaussing

From Wikipedia, the free encyclopedia

Degaussing is the process of decreasing or eliminating a remnant magnetic field. It is named after the gauss, a unit of magnetism, which in turn was named after Carl Friedrich Gauss. Due to magnetic hysteresis, it is generally not possible to reduce a magnetic field completely to zero, so degaussing typically induces a very small "known" field referred to as bias. Degaussing was originally applied to reduce ships' magnetic signatures during World War II. Degaussing is also used to reduce magnetic fields in cathode ray tube monitors and to destroy data held on magnetic storage.

Ships' hulls

USS Jimmy Carter in the magnetic silencing facility at Naval Base Kitsap for her first deperming treatment
Magnetic silencing facility at Beckoning Point, Pearl Harbor, 2012
RMS Queen Mary arriving in New York Harbor, 20 June 1945, with thousands of U.S. soldiers – note the prominent degaussing coil running around the hull
Control panel of the MES-device ("Magnetischer Eigenschutz" German: magnetic self-protection) in a German submarine

The term was first used by then-Commander Charles F. Goodeve, Royal Canadian Naval Volunteer Reserve, during World War II while trying to counter the German magnetic naval mines that were wreaking havoc on the British fleet.

Close-wrap deperming of Ivan Gren-class landing ship, 2016. The cables are floated into position before wrapping around the vessel.

The mines detected the increase in the magnetic field when the steel in a ship concentrated the Earth's magnetic field over it. Admiralty scientists, including Goodeve, developed a number of systems to induce a small "N-pole up" field into the ship to offset this effect, meaning that the net field was the same as the background. Since the Germans used the gauss as the unit of the strength of the magnetic field in their mines' triggers (not yet a standard measure), Goodeve referred to the various processes to counter the mines as "degaussing". The term became a common word.

The original method of degaussing was to install electromagnetic coils into the ships, known as coiling. In addition to being able to bias the ship continually, coiling also allowed the bias field to be reversed in the southern hemisphere, where the mines were set to detect "S-pole down" fields. British ships, notably cruisers and battleships, were well protected by about 1943.

Installing such special equipment was, however, far too expensive and difficult to service all ships that would need it, so the navy developed an alternative called wiping, which Goodeve also devised. In this procedure a large electrical cable was dragged upwards on the side of the ship, starting at the waterline, with a pulse of about 2000 amperes flowing through it. For submarines, the current came from the vessels' own propulsion batteries. This induced the proper field into the ship in the form of a slight bias. It was originally thought that the pounding of the sea and the ship's engines would slowly randomize this field, but in testing, this was found not to be a real problem. A more serious problem was later realized: as a ship travels through Earth's magnetic field, it will slowly pick up that field, counteracting the effects of the degaussing. From then on captains were instructed to change direction as often as possible to avoid this problem. Nevertheless, the bias did wear off eventually, and ships had to be degaussed on a schedule. Smaller ships continued to use wiping through the war.

To aid the Dunkirk evacuation, the British "wiped" 400 ships in four days.

During World War II, the United States Navy commissioned a specialized class of degaussing ships that were capable of performing this function. One of them, USS Deperm (ADG-10), was named after the procedure.

After the war, the capabilities of the magnetic fuzes were greatly improved, by detecting not the field itself, but changes in it. This meant a degaussed ship with a magnetic "hot spot" would still set off the mine. Additionally, the precise orientation of the field was also measured, something a simple bias field could not remove, at least for all points on the ship. A series of ever-increasingly complex coils were introduced to offset these effects, with modern systems including no fewer than three separate sets of coils to reduce the field in all axes.

Degaussing range

The effectiveness of ships' degaussing was monitored by shore-based degaussing ranges (or degaussing stations, magnetic ranges) installed beside shipping channels outside ports. The vessel under test passed at a steady speed over loops on the seabed that were monitored from buildings on the shore. The installation was used both to establish the magnetic characteristics of a hull to establish the correct value of degaussing equipment to be installed, or as a "spot check" on vessels to confirm that degaussing equipment was performing correctly. Some stations had active coils that provided magnetic treatment, offering to un-equipped ships some limited protection against future encounters with magnetic mines.

High-temperature superconductivity

The US Navy tested, in April 2009, a prototype of its High-Temperature Superconducting Degaussing Coil System, referred to as "HTS Degaussing". The system works by encircling the vessel with superconducting ceramic cables whose purpose is to neutralize the ship's magnetic signature, as in the legacy copper systems. The main advantage of the HTS Degaussing Coil system is greatly reduced weight (sometimes by as much as 80%) and increased efficiency.

A ferrous-metal-hulled ship or submarine, by its very nature, develops a magnetic signature as it travels, due to a magneto-mechanical interaction with Earth's magnetic field. It also picks up the magnetic orientation of the Earth's magnetic field where it is built. This signature can be exploited by magnetic mines or facilitate the detection of a submarine by ships or aircraft with magnetic anomaly detection (MAD) equipment. Navies use the deperming procedure, in conjunction with degaussing, as a countermeasure against this.

Specialized deperming facilities, such as the United States Navy's Lambert's Point Deperming Station at Naval Station Norfolk, or Pacific Fleet Submarine Drive-In Magnetic Silencing Facility (MSF) at Joint Base Pearl Harbor–Hickam, are used to perform the procedure. During a close-wrap magnetic treatment, heavy-gauge copper cables encircle the hull and superstructure of the vessel, and high electrical currents (up to 4000 amperes) are pulsed through the cables. This has the effect of "resetting" the ship's magnetic signature to the ambient level after flashing its hull with electricity. It is also possible to assign a specific signature that is best suited to the particular area of the world in which the ship will operate. In drive-in magnetic silencing facilities, all cables are either hung above, below and on the sides, or concealed within the structural elements of facilities. Deperming is "permanent". It is only done once unless major repairs or structural modifications are done to the ship.

Early experiments

With the introduction of iron ships, the adverse effect of the metal hull on steering compasses was noted. It was also observed that lightning strikes had a significant effect on compass deviation, identified in some extreme cases as being caused by the reversal of the ship's magnetic signature. In 1866, Evan Hopkins of London registered a patent for a process "to depolarise iron vessels and leave them thenceforth free from any compass-disturbing influence whatever". The technique was described as follows: "For this purpose he employed a number of Grove's batteries and electromagnets. The latter were to be passed along the plates till the desired end had been obtained... the process must not be overdone for fear of re-polarising in the opposite direction." The invention was, however, reported to be "incapable of being carried to a successful issue", and "quickly died a natural death".

Color cathode ray tubes

Color CRT displays, the technology underlying many television and computer monitors before the early 2010s, require degaussing. Many CRT displays use a metal plate near the front of the tube to ensure that each electron beam hits the corresponding phosphors of the correct color. If this plate becomes magnetized (e.g. if someone sweeps a magnet on the screen or places loudspeakers nearby), it imparts an undesired deflection to the electron beams and the displayed image becomes distorted and discolored.

To minimize this, CRTs have a copper or aluminum coil wrapped around the front of the display, known as the degaussing coil. Monitors without an internal coil can be degaussed using an external handheld version. Internal degaussing coils in CRTs are generally much weaker than external degaussing coils, since a better degaussing coil takes up more space. A degauss circuit induces an oscillating magnetic field with a decreasing amplitude which leaves the shadow mask with a reduced residual magnetization.

A degaussing in progress

Many televisions and monitors automatically degauss their picture tube when switched on, before an image is displayed. The high current surge that takes place during this automatic degauss is the cause of an audible "thunk", a loud hum or some clicking noises, which can be heard (and felt) when televisions and CRT computer monitors are switched on, due to the capacitors discharging and injecting current into the coil. Visually, this causes the image to shake dramatically for a short period of time. A degauss option is also usually available for manual selection in the operations menu in such appliances.

In most commercial equipment the AC current surge to the degaussing coil is regulated by a simple positive temperature coefficient (PTC) thermistor device, which initially has a low resistance, allowing a high current, but quickly changes to a high resistance, allowing minimal current, due to self-heating of the thermistor. Such devices are designed for a one-off transition from cold to hot at power up; "experimenting" with the degauss effect by repeatedly switching the device on and off may cause this component to fail. The effect will also be weaker, since the PTC will not have had time to cool off.

Magnetic data storage media

Data is stored in the magnetic media, such as hard drives, floppy disks, and magnetic tape, by making very small areas called magnetic domains change their magnetic alignment to be in the direction of an applied magnetic field. This phenomenon occurs in much the same way a compass needle points in the direction of the Earth's magnetic field. Degaussing, commonly called erasure, leaves the domains in random patterns with no preference to orientation, thereby rendering previous data unrecoverable. There are some domains whose magnetic alignment is not randomized after degaussing. The information these domains represent is commonly called magnetic remanence or remanent magnetization. Proper degaussing will ensure there is insufficient magnetic remanence to reconstruct the data.

Erasure via degaussing may be accomplished in two ways: in AC erasure, the medium is degaussed by applying an alternating field that is reduced in amplitude over time from an initial high value (i.e., AC powered); in DC erasure, the medium is saturated by applying a unidirectional field (i.e., DC powered or by employing a permanent magnet). A degausser is a device that can generate a magnetic field for degaussing magnetic storage media. The magnetic field needed for degaussing magnetic data storage media is a powerful one that normal magnets cannot easily achieve and maintain.

Irreversible damage to some media types

Many forms of generic magnetic storage media can be reused after degaussing, including reel-to-reel audio tape, VHS videocassettes, and floppy disks. These older media types are simply a raw medium which are overwritten with fresh new patterns, created by fixed-alignment read/write heads.

For certain forms of computer data storage, however, such as modern hard disk drives and some tape drives, degaussing renders the magnetic media completely unusable and damages the storage system. This is due to the devices having an infinitely variable read/write head positioning mechanism which relies on special servo control data (e.g. Gray Code) that is meant to be permanently recorded onto the magnetic media. This servo data is written onto the media a single time at the factory using special-purpose servo writing hardware.

The servo patterns are normally never overwritten by the device for any reason and are used to precisely position the read/write heads over data tracks on the media, to compensate for sudden jarring device movements, thermal expansion, or changes in orientation. Degaussing indiscriminately removes not only the stored data but also the servo control data, and without the servo data the device is no longer able to determine where data is to be read or written on the magnetic medium. The servo data must be rewritten to become usable again; with modern hard drives, this is generally not possible without manufacturer-specific and often model-specific service equipment.

Audio tape recorders

In reel-to-reel and compact cassette audio tape recorders, remnant magnetic fields will over time gather on metal parts such as guide posts tape heads. These are points that come into contact with the magnetic tape. The remnant fields can cause an increase in audible background noise during playback. Cheap, handheld consumer degaussers can significantly reduce this effect.

Types of degaussers

Degaussers range in size from small ones used in offices for erasing magnetic data storage devices to industrial-size degaussers for use on piping, ships, submarines, and other large-sized items, equipment to vehicles. Rating and categorizing degaussers depends on the strength of the magnetic field the degausser generates, the method of generating a magnetic field in the degausser, the type of operations the degausser is suitable for, the working rate of the degausser based on whether it is a high volume degausser or a low volume degausser, and mobility of the degausser among others. From these criteria of rating and categorization, there are thus electromagnetic degaussers, permanent magnet degaussers as the main types of degaussers.

Electromagnetic degaussers

An electromagnetic degausser passes an electrical charge through a degaussing coil to generate a magnetic field. Sub-types of electromagnetic degaussers are several such as Rotating Coil Degaussers and Pulse Demagnetization Technology degaussers since the technologies used in the degaussers are often developed and patented by respective manufacturing companies such as Verity Systems and Maurer Magnetic among others, so that the degausser is suitable for its intended use. Electromagnetic degaussers generate strong magnetic fields, and have a high rate of work.

Rotating coil degausser

Performance of a degaussing machine is the major determinant of the effectiveness of degaussing magnetic data storage media. Effectiveness does not improve when the media passes through the same degaussing magnetic field more than once. Rotating the media by 90 degrees improves effectiveness of degaussing the media. One magnetic media degaussers’ manufacturer, Verity Systems, has used this principle in a rotating coil technique they developed. Their rotating coil degausser passes the magnetic data storage media being erased through a magnetic field generated using two coils in the degaussing machine with the media on a variable-speed conveyor belt. The two coils generating a magnetic field are rotating; with one coil positioned above the media and the other coil positioned below the media.

Pulse degaussing

Pulse degaussing technology involves the cyclic application of electric current for a fraction of a second to the coil being used to generate a magnetic field in the degausser. The process starts with the maximum voltage applied and held for only a fraction of a second to avoid overheating the coil, and then the voltages applied in subsequent seconds are reduced in sequence at varying differences until no current is applied to the coil. Pulse degaussing saves on energy costs, produces high magnetic field strength, is suitable for degaussing large assemblies, and is reliable due to zero-error degaussing achievement.

Permanent magnet degausser

Permanent magnet degaussers use magnets made using rare earth materials. They do not require electricity for their operation. Permanent magnet degaussers require adequate shielding of the magnetic field they constantly have to prevent unintended degaussing. The need for shielding usually results in permanent magnet degaussers being bulky. When small-sized, permanent magnet degaussers are suited for use as mobile degaussers.

Anti–computer forensics

From Wikipedia, the free encyclopedia

Anti–computer forensics or counter-forensics are techniques used to obstruct forensic analysis.

Definition

Anti-forensics has only recently been recognized as a legitimate field of study.

One of the more widely known and accepted definitions comes from Marc Rogers. One of the earliest detailed presentations of anti-forensics, in Phrack Magazine in 2002, defines anti-forensics as "the removal, or hiding, of evidence in an attempt to mitigate the effectiveness of a forensics investigation".

A more abbreviated definition is given by Scott Berinato in his article entitled, The Rise of Anti-Forensics. "Anti-forensics is more than technology. It is an approach to criminal hacking that can be summed up like this: Make it hard for them to find you and impossible for them to prove they found you." Neither author takes into account using anti-forensics methods to ensure the privacy of one's personal data.

Sub-categories

Anti-forensics methods are often broken down into several sub-categories to make classification of the various tools and techniques simpler. One of the more widely accepted subcategory breakdowns was developed by Dr. Marcus Rogers. He has proposed the following sub-categories: data hiding, artifact wiping, trail obfuscation and attacks against the CF (computer forensics) processes and tools. Attacks against forensics tools directly has also been called counter-forensics.

Purpose and goals

Within the field of digital forensics, there is much debate over the purpose and goals of anti-forensic methods. The conventional wisdom is that anti-forensic tools are purely malicious in intent and design. Others believe that these tools should be used to illustrate deficiencies in digital forensic procedures, digital forensic tools, and forensic examiner education. This sentiment was echoed at the 2005 Blackhat Conference by anti-forensic tool authors, James Foster and Vinnie Liu. They stated that by exposing these issues, forensic investigators will have to work harder to prove that collected evidence is both accurate and dependable. They believe that this will result in better tools and education for the forensic examiner. Also, counter-forensics has significance for defence against espionage, as recovering information by forensic tools serves the goals of spies equally as well as investigators.

Data hiding

Data hiding is the process of making data difficult to find while also keeping it accessible for future use. "Obfuscation and encryption of data give an adversary the ability to limit identification and collection of evidence by investigators while allowing access and use to themselves."

Some of the more common forms of data hiding include encryption, steganography and other various forms of hardware/software based data concealment. Each of the different data hiding methods makes digital forensic examinations difficult. When the different data hiding methods are combined, they can make a successful forensic investigation nearly impossible.

Encryption

One of the more commonly used techniques to defeat computer forensics is data encryption. In a presentation given on encryption and anti-forensic methodologies, the Vice President of Secure Computing, Paul Henry, referred to encryption as a "forensic expert's nightmare".

The majority of publicly available encryption programs allow the user to create virtual encrypted disks which can only be opened with a designated key. Through the use of modern encryption algorithms and various encryption techniques these programs make the data virtually impossible to read without the designated key.

File level encryption encrypts only the file contents. This leaves important information such as file name, size and timestamps unencrypted. Parts of the content of the file can be reconstructed from other locations, such as temporary files, swap file and deleted, unencrypted copies.

Most encryption programs have the ability to perform a number of additional functions that make digital forensic efforts increasingly difficult. Some of these functions include the use of a keyfile, full-volume encryption, and plausible deniability. The widespread availability of software containing these functions has put the field of digital forensics at a great disadvantage.

Steganography

Steganography is a technique where information or files are hidden within another file in an attempt to hide data by leaving it in plain sight. "Steganography produces dark data that is typically buried within light data (e.g., a non-perceptible digital watermark buried within a digital photograph)." While some experts have argued that the use of steganography techniques is not very widespread and therefore the subject shouldn't be given a lot of thought, most experts agree that steganography has the capability of disrupting the forensic process when used correctly.

According to Jeffrey Carr, a 2007 edition of Technical Mujahid (a bi-monthly terrorist publication) outlined the importance of using a steganography program called Secrets of the Mujahideen. According to Carr, the program was touted as giving the user the capability to avoid detection by current steganalysis programs. It did this through the use of steganography in conjunction with file compression.

Other forms of data hiding

Other forms of data hiding involve the use of tools and techniques to hide data throughout various locations in a computer system. Some of these places can include "memory, slack space, hidden directories, bad blocks, alternate data streams, (and) hidden partitions."

One of the more well known tools that is often used for data hiding is called Slacker (part of the Metasploit framework). Slacker breaks up a file and places each piece of that file into the slack space of other files, thereby hiding it from the forensic examination software. Another data hiding technique involves the use of bad sectors. To perform this technique, the user changes a particular sector from good to bad and then data is placed onto that particular cluster. The belief is that forensic examination tools will see these clusters as bad and continue on without any examination of their contents.

Artifact wiping

The methods used in artifact wiping are tasked with permanently eliminating particular files or entire file systems. This can be accomplished through the use of a variety of methods that include disk cleaning utilities, file wiping utilities and disk degaussing/destruction techniques.

Disk cleaning utilities

Disk cleaning utilities use a variety of methods to overwrite the existing data on disks (see data remanence). The effectiveness of disk cleaning utilities as anti-forensic tools is often challenged as some believe they are not completely effective. Experts who don't believe that disk cleaning utilities are acceptable for disk sanitization base their opinions of current DOD policy, which states that the only acceptable form of sanitization is degaussing. (See National Industrial Security Program.) Disk cleaning utilities are also criticized because they leave signatures that the file system was wiped, which in some cases is unacceptable. Some of the widely used disk cleaning utilities include DBAN, srm, BCWipe Total WipeOut, KillDisk, PC Inspector and CyberScrubs cyberCide. Another option which is approved by the NIST and the NSA is CMRR Secure Erase, which uses the Secure Erase command built into the ATA specification.

File wiping utilities

File wiping utilities are used to delete individual files from an operating system. The advantage of file wiping utilities is that they can accomplish their task in a relatively short amount of time as opposed to disk cleaning utilities which take much longer. Another advantage of file wiping utilities is that they generally leave a much smaller signature than disk cleaning utilities. There are two primary disadvantages of file wiping utilities, first they require user involvement in the process and second some experts believe that file wiping programs don't always correctly and completely wipe file information. Some of the widely used file wiping utilities include BCWipe, R-Wipe & Clean, Eraser, Aevita Wipe & Delete and CyberScrubs PrivacySuite. On Linux tools like shred and srm can be also used to wipe single files. SSDs are by design more difficult to wipe, since the firmware can write to other cells therefore allowing data recovery. In these instances ATA Secure Erase should be used on the whole drive, with tools like hdparm that support it.

Disk degaussing / destruction techniques

Disk degaussing is a process by which a magnetic field is applied to a digital media device. The result is a device that is entirely clean of any previously stored data. Degaussing is rarely used as an anti-forensic method despite the fact that it is an effective means to ensure data has been wiped. This is attributed to the high cost of degaussing machines, which are difficult for the average consumer to afford.

A more commonly used technique to ensure data wiping is the physical destruction of the device. The NIST recommends that "physical destruction can be accomplished using a variety of methods, including disintegration, incineration, pulverizing, shredding and melting."

Trail obfuscation

The purpose of trail obfuscation is to confuse, disorient, and divert the forensic examination process. Trail obfuscation covers a variety of techniques and tools that include "log cleaners, spoofing, misinformation, backbone hopping, zombied accounts, trojan commands."

One of the more widely known trail obfuscation tools is Timestomp (part of the Metasploit Framework). Timestomp gives the user the ability to modify file metadata pertaining to access, creation and modification times/dates. By using programs such as Timestomp, a user can render any number of files useless in a legal setting by directly calling into question the files' credibility.

Another well known trail-obfuscation program is Transmogrify (also part of the Metasploit Framework). In most file types the header of the file contains identifying information. A (.jpg) would have header information that identifies it as a (.jpg), a (.doc) would have information that identifies it as (.doc) and so on. Transmogrify allows the user to change the header information of a file, so a (.jpg) header could be changed to a (.doc) header. If a forensic examination program or operating system were to conduct a search for images on a machine, it would simply see a (.doc) file and skip over it.

Attacks against computer forensics

In the past anti-forensic tools have focused on attacking the forensic process by destroying data, hiding data, or altering data usage information. Anti-forensics has recently moved into a new realm where tools and techniques are focused on attacking forensic tools that perform the examinations. These new anti-forensic methods have benefited from a number of factors to include well documented forensic examination procedures, widely known forensic tool vulnerabilities, and digital forensic examiners' heavy reliance on their tools.

During a typical forensic examination, the examiner would create an image of the computer's disks. This keeps the original computer (evidence) from being tainted by forensic tools. Hashes are created by the forensic examination software to verify the integrity of the image. One of the recent anti-tool techniques targets the integrity of the hash that is created to verify the image. By affecting the integrity of the hash, any evidence that is collected during the subsequent investigation can be challenged.

Physical

To prevent physical access to data while the computer is powered on (from a grab-and-go theft for instance, as well as seizure from Law Enforcement), there are different solutions that could be implemented:

  • Software frameworks like USBGuard or USBKill implements USB authorization policies and method of use policies. If the software is triggered, by insertion or removal of USB devices, a specific action can be performed. After the arrest of Silk Road's administrator Ross Ulbricht, a number of proof of concept anti-forensic tools have been created to detect seizing of the computer from the owner to shut it down, therefore making the data inaccessible if full disk encryption is used.
  • Hardware cable anchors using the Kensington Security Slot to prevent stealing by opportunistic thieves.
  • Hardware kill cables like BusKill that lock, shutdown, or wipe data when ejected
  • Use of chassis intrusion detection feature in computer case or a sensor (such as a photodetector) rigged with explosives for self-destruction. In some jurisdictions this method could be illegal since it could seriously maim or kill an unauthorized user and could consist in destruction of evidence.
  • Battery could be removed from a laptop to make it work only while attached to the power supply unit. If the cable is removed, shutdown of the computer will occur immediately causing data loss. In the event of a power surge the same will occur though.

Some of these methods rely on shutting the computer down, while the data might be retained in the RAM from a couple of seconds up to a couple minutes, theoretically allowing for a cold boot attack. Cryogenically freezing the RAM might extend this time even further and some attacks on the wild have been spotted. Methods to counteract this attack exist and can overwrite the memory before shutting down. Some anti-forensic tools even detect the temperature of the RAM to perform a shutdown when below a certain threshold.

Attempts to create a tamper-resistant desktop computer has been made (as of 2020, the ORWL model is one of the best examples). However, security of this particular model is debated by security researcher and Qubes OS founder Joanna Rutkowska.

Use by criminals

While the study and applications of anti-forensics are generally available to protect users from forensic attacks of their confidential data by their adversaries (eg investigative journalists, human rights defenders, activists, corporate or government espionage), Mac Rogers of Purdue University notes that anti-forensics tools can also be used by criminals.

Rogers uses a more traditional "crime scene" approach when defining anti-forensics. "Attempts to negatively affect the existence, amount and/or quality of evidence from a crime scene, or make the analysis and examination of evidence difficult or impossible to conduct."

Effectiveness of anti-forensics

Anti-forensic methods rely on several weaknesses in the forensic process including: the human element, dependency on tools, and the physical/logical limitations of computers. By reducing the forensic process's susceptibility to these weaknesses, an examiner can reduce the likelihood of anti-forensic methods successfully impacting an investigation. This may be accomplished by providing increased training for investigators, and corroborating results using multiple tools.

Cypherpunk

From Wikipedia, the free encyclopedia
https://en.wikipedia.org/wiki/Cypherpunk

A cypherpunk is any individual advocating widespread use of strong cryptography and privacy-enhancing technologies as a route to social and political change. Originally communicating through the Cypherpunks electronic mailing list, informal groups aimed to achieve privacy and security through proactive use of cryptography. Cypherpunks have been engaged in an active movement since at least the late 1980s and early 1990s.

History

Before the mailing list

Until about the 1970s, cryptography was mainly practiced in secret by military or spy agencies. However, that changed when two publications brought it into public awareness: the first publicly available work on public-key cryptography, by Whitfield Diffie and Martin Hellman, and the US government publication of the Data Encryption Standard (DES), a block cipher which became very widely used.

The technical roots of Cypherpunk ideas have been traced back to work by cryptographer David Chaum on topics such as anonymous digital cash and pseudonymous reputation systems, described in his paper "Security without Identification: Transaction Systems to Make Big Brother Obsolete" (1985).

In the late 1980s, these ideas coalesced into something like a movement.

Etymology and the Cypherpunks mailing list

In late 1992, Eric Hughes, Timothy C. May, and John Gilmore founded a small group that met monthly at Gilmore's company Cygnus Solutions in the San Francisco Bay Area and was humorously termed cypherpunks by Jude Milhon at one of the first meetings—derived from cipher and cyberpunk. In November 2006, the word was added to the Oxford English Dictionary.

The Cypherpunks mailing list was started in 1992, and by 1994 had 700 subscribers. At its peak, it was a very active forum with technical discussions ranging over mathematics, cryptography, computer science, political and philosophical discussion, personal arguments and attacks, etc., with some spam thrown in. An email from John Gilmore reports an average of 30 messages a day from December 1, 1996, to March 1, 1999, and suggests that the number was probably higher earlier. The number of subscribers is estimated to have reached 2,000 in the year 1997.

In early 1997, Jim Choate and Igor Chudov set up the Cypherpunks Distributed Remailer, a network of independent mailing list nodes intended to eliminate the single point of failure inherent in a centralized list architecture. At its peak, the Cypherpunks Distributed Remailer included at least seven nodes. By mid-2005, al-qaeda.net ran the only remaining node. In mid-2013, following a brief outage, the al-qaeda.net node's list software was changed from Majordomo to GNU Mailman, and subsequently the node was renamed to cpunks.org. The CDR architecture is now defunct, though the list administrator stated in 2013 that he was exploring a way to integrate this functionality with the new mailing list software.

For a time, the cypherpunks mailing list was a popular tool with mailbombers, who would subscribe a victim to the mailing list in order to cause a deluge of messages to be sent to him or her. (This was usually done as a prank, in contrast to the style of terrorist referred to as a mailbomber.) This precipitated the mailing list sysop(s) to institute a reply-to-subscribe system. Approximately two hundred messages a day was typical for the mailing list, divided between personal arguments and attacks, political discussion, technical discussion, and early spam.

The cypherpunks mailing list had extensive discussions of the public policy issues related to cryptography and on the politics and philosophy of concepts such as anonymity, pseudonyms, reputation, and privacy. These discussions continue both on the remaining node and elsewhere as the list has become increasingly moribund.

Events such as the GURPS Cyberpunk raid lent weight to the idea that private individuals needed to take steps to protect their privacy. In its heyday, the list discussed public policy issues related to cryptography, as well as more practical nuts-and-bolts mathematical, computational, technological, and cryptographic matters. The list had a range of viewpoints and there was probably no completely unanimous agreement on anything. The general attitude, though, definitely put personal privacy and personal liberty above all other considerations.

Early discussion of online privacy

The list was discussing questions about privacy, government monitoring, corporate control of information, and related issues in the early 1990s that did not become major topics for broader discussion until at least ten years later. Some list participants were highly radical on these issues.

Those wishing to understand the context of the list might refer to the history of cryptography; in the early 1990s, the US government considered cryptography software a munition for export purposes. (PGP source code was published as a paper book to bypass these regulations and demonstrate their futility.) In 1992, a deal between NSA and SPA allowed export of cryptography based on 40-bit RC2 and RC4 which was considered relatively weak (and especially after SSL was created, there were many contests to break it). The US government had also tried to subvert cryptography through schemes such as Skipjack and key escrow. It was also not widely known that all communications were logged by government agencies (which would later be revealed during the NSA and AT&T scandals) though this was taken as an obvious axiom by list members.

The original cypherpunk mailing list, and the first list spin-off, coderpunks, were originally hosted on John Gilmore's toad.com, but after a falling out with the sysop over moderation, the list was migrated to several cross-linked mail-servers in what was called the "distributed mailing list." The coderpunks list, open by invitation only, existed for a time. Coderpunks took up more technical matters and had less discussion of public policy implications. There are several lists today that can trace their lineage directly to the original Cypherpunks list: the cryptography list (cryptography@metzdowd.com), the financial cryptography list (fc-announce@ifca.ai), and a small group of closed (invitation-only) lists as well.

Toad.com continued to run with the existing subscriber list, those that didn't unsubscribe, and was mirrored on the new distributed mailing list, but messages from the distributed list didn't appear on toad.com. As the list faded in popularity, so too did it fade in the number of cross-linked subscription nodes.

To some extent, the cryptography list acts as a successor to cypherpunks; it has many of the people and continues some of the same discussions. However, it is a moderated list, considerably less zany and somewhat more technical. A number of current systems in use trace to the mailing list, including Pretty Good Privacy, /dev/random in the Linux kernel (the actual code has been completely reimplemented several times since then) and today's anonymous remailers.

Main principles

The basic ideas can be found in A Cypherpunk's Manifesto (Eric Hughes, 1993): "Privacy is necessary for an open society in the electronic age. ... We cannot expect governments, corporations, or other large, faceless organizations to grant us privacy ... We must defend our own privacy if we expect to have any. ... Cypherpunks write code. We know that someone has to write software to defend privacy, and ... we're going to write it."

Some are or were senior people at major hi-tech companies and others are well-known researchers (see list with affiliations below).

The first mass media discussion of cypherpunks was in a 1993 Wired article by Steven Levy titled Crypto Rebels:

The people in this room hope for a world where an individual's informational footprints—everything from an opinion on abortion to the medical record of an actual abortion—can be traced only if the individual involved chooses to reveal them; a world where coherent messages shoot around the globe by network and microwave, but intruders and feds trying to pluck them out of the vapor find only gibberish; a world where the tools of prying are transformed into the instruments of privacy. There is only one way this vision will materialize, and that is by widespread use of cryptography. Is this technologically possible? Definitely. The obstacles are political—some of the most powerful forces in government are devoted to the control of these tools. In short, there is a war going on between those who would liberate crypto and those who would suppress it. The seemingly innocuous bunch strewn around this conference room represents the vanguard of the pro-crypto forces. Though the battleground seems remote, the stakes are not: The outcome of this struggle may determine the amount of freedom our society will grant us in the 21st century. To the Cypherpunks, freedom is an issue worth some risk.

The three masked men on the cover of that edition of Wired were prominent cypherpunks Tim May, Eric Hughes and John Gilmore.

Later, Levy wrote a book, Crypto: How the Code Rebels Beat the Government – Saving Privacy in the Digital Age, covering the crypto wars of the 1990s in detail. "Code Rebels" in the title is almost synonymous with cypherpunks.

The term cypherpunk is mildly ambiguous. In most contexts it means anyone advocating cryptography as a tool for social change, social impact and expression. However, it can also be used to mean a participant in the Cypherpunks electronic mailing list described below. The two meanings obviously overlap, but they are by no means synonymous.

Documents exemplifying cypherpunk ideas include Timothy C. May's The Crypto Anarchist Manifesto (1992) and The Cyphernomicon (1994), A Cypherpunk's Manifesto.

Privacy of communications

A very basic cypherpunk issue is privacy in communications and data retention. John Gilmore said he wanted "a guarantee -- with physics and mathematics, not with laws -- that we can give ourselves real privacy of personal communications."

Such guarantees require strong cryptography, so cypherpunks are fundamentally opposed to government policies attempting to control the usage or export of cryptography, which remained an issue throughout the late 1990s. The Cypherpunk Manifesto stated "Cypherpunks deplore regulations on cryptography, for encryption is fundamentally a private act."

This was a central issue for many cypherpunks. Most were passionately opposed to various government attempts to limit cryptography—export laws, promotion of limited key length ciphers, and especially escrowed encryption.

Anonymity and pseudonyms

The questions of anonymity, pseudonymity and reputation were also extensively discussed.

Arguably, the possibility of anonymous speech, and publication is vital for an open society and genuine freedom of speech—this is the position of most cypherpunks.

Censorship and monitoring

In general, cypherpunks opposed the censorship and monitoring from government and police.

In particular, the US government's Clipper chip scheme for escrowed encryption of telephone conversations (encryption supposedly secure against most attackers, but breakable by government) was seen as anathema by many on the list. This was an issue that provoked strong opposition and brought many new recruits to the cypherpunk ranks. List participant Matt Blaze found a serious flaw in the scheme, helping to hasten its demise.

Steven Schear first suggested the warrant canary in 2002 to thwart the secrecy provisions of court orders and national security letters. As of 2013, warrant canaries are gaining commercial acceptance.

Hiding the act of hiding

An important set of discussions concerns the use of cryptography in the presence of oppressive authorities. As a result, Cypherpunks have discussed and improved steganographic methods that hide the use of crypto itself, or that allow interrogators to believe that they have forcibly extracted hidden information from a subject. For instance, Rubberhose was a tool that partitioned and intermixed secret data on a drive with fake secret data, each of which accessed via a different password. Interrogators, having extracted a password, are led to believe that they have indeed unlocked the desired secrets, whereas in reality the actual data is still hidden. In other words, even its presence is hidden. Likewise, cypherpunks have also discussed under what conditions encryption may be used without being noticed by network monitoring systems installed by oppressive regimes.

Activities

As the Manifesto says, "Cypherpunks write code"; the notion that good ideas need to be implemented, not just discussed, is very much part of the culture of the mailing list. John Gilmore, whose site hosted the original cypherpunks mailing list, wrote: "We are literally in a race between our ability to build and deploy technology, and their ability to build and deploy laws and treaties. Neither side is likely to back down or wise up until it has definitively lost the race."

Software projects

Anonymous remailers such as the Mixmaster Remailer were almost entirely a cypherpunk development. Other cypherpunk-related projects include PGP for email privacy, FreeS/WAN for opportunistic encryption of the whole net, Off-the-record messaging for privacy in Internet chat, and the Tor project for anonymous web surfing.

Hardware

In 1998, the Electronic Frontier Foundation, with assistance from the mailing list, built a $200,000 machine that could brute-force a Data Encryption Standard key in a few days. The project demonstrated that DES was, without question, insecure and obsolete, in sharp contrast to the US government's recommendation of the algorithm.

Expert panels

Cypherpunks also participated, along with other experts, in several reports on cryptographic matters.

One such paper was "Minimal Key Lengths for Symmetric Ciphers to Provide Adequate Commercial Security". It suggested 75 bits was the minimum key size to allow an existing cipher to be considered secure and kept in service. At the time, the Data Encryption Standard with 56-bit keys was still a US government standard, mandatory for some applications.

Other papers were critical analysis of government schemes. "The Risks of Key Recovery, Key Escrow, and Trusted Third-Party Encryption", evaluated escrowed encryption proposals. Comments on the Carnivore System Technical Review. looked at an FBI scheme for monitoring email.

Cypherpunks provided significant input to the 1996 National Research Council report on encryption policy, Cryptography's Role In Securing the Information Society (CRISIS). This report, commissioned by the U.S. Congress in 1993, was developed via extensive hearings across the nation from all interested stakeholders, by a committee of talented people. It recommended a gradual relaxation of the existing U.S. government restrictions on encryption. Like many such study reports, its conclusions were largely ignored by policy-makers. Later events such as the final rulings in the cypherpunks lawsuits forced a more complete relaxation of the unconstitutional controls on encryption software.

Lawsuits

Cypherpunks have filed a number of lawsuits, mostly suits against the US government alleging that some government action is unconstitutional.

Phil Karn sued the State Department in 1994 over cryptography export controls after they ruled that, while the book Applied Cryptography could legally be exported, a floppy disk containing a verbatim copy of code printed in the book was legally a munition and required an export permit, which they refused to grant. Karn also appeared before both House and Senate committees looking at cryptography issues.

Daniel J. Bernstein, supported by the EFF, also sued over the export restrictions, arguing that preventing publication of cryptographic source code is an unconstitutional restriction on freedom of speech. He won, effectively overturning the export law. See Bernstein v. United States for details.

Peter Junger also sued on similar grounds, and won.

Civil disobedience

Cypherpunks encouraged civil disobedience, in particular, US law on the export of cryptography. Until 1997, cryptographic code was legally a munition and fell under ITAR, and the key length restrictions in the EAR was not removed until 2000.

In 1995 Adam Back wrote a version of the RSA algorithm for public-key cryptography in three lines of Perl and suggested people use it as an email signature file:

# !/bin/perl -sp0777i<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<j]dsj
$/=unpack('H*',$_);$_=`echo 16dio\U$k"SK$/SM$n\EsN0p[lN*1
lK[d2%Sa2/d0$^Ixp"|dc`;s/\W//g;$_=pack('H*',/((..)*)$/)

Vince Cate put up a web page that invited anyone to become an international arms trafficker; every time someone clicked on the form, an export-restricted item—originally PGP, later a copy of Back's program—would be mailed from a US server to one in Anguilla.

Cypherpunk fiction

In Neal Stephenson's novel Cryptonomicon many characters are on the "Secret Admirers" mailing list. This is fairly obviously based on the cypherpunks list, and several well-known cypherpunks are mentioned in the acknowledgements. Much of the plot revolves around cypherpunk ideas; the leading characters are building a data haven which will allow anonymous financial transactions, and the book is full of cryptography. But, according to the author the book's title is—in spite of its similarity—not based on the Cyphernomicon, an online cypherpunk FAQ document.

Legacy

Cypherpunk achievements would later also be used on the Canadian e-wallet, the MintChip, and the creation of bitcoin. It was an inspiration for CryptoParty decades later to such an extent that A Cypherpunk's Manifesto is quoted at the header of its Wiki, and Eric Hughes delivered the keynote address at the Amsterdam CryptoParty on 27 August 2012.

Operator (computer programming)

From Wikipedia, the free encyclopedia https://en.wikipedia.org/wiki/Operator_(computer_programmin...