
In computers, being safe can sometimes
lead to being sorry, as Oliver L. North
discovered in the Iran-contra
investigation during the Reagan
administration, when incriminating
files he thought had been deleted
were later resurrected from network
backup tapes. One of the ways investigators
can peer into the private lives of
their subjects is to peer into their computers.
What they are able to find, and the ease with
which they can find it, may prompt computer
users to re-evaluate their practices.
Word processing software, Web browsing
software and email have become integral to
communication, both professional and personal.
As a result, many people have files on
their hard disks that they wish to keep private,
like love letters, confidential business
documents or financial data.
Moreover, many have sensitive, confidential
and potentially embarrassing files in
their computers that they don’t even know
are there, either because they think the files
have been erased or are unaware that certain
common programs automatically keep a
log of what the user does.
“Recovering files that were deleted from
a computer directory is almost a trivial
process,” says Mihran Boudromian, computer
analyst with Expervision. A related
issue is the computer’s creation of sensitive
files that the user often didn’t
know were there in the first place, according
to Boudromian. “The user’s Web
browser will create files, without the
knowledge of the user, that record all their
interactions,” he says. “Many people today
know about cookie files, but the browser
creates a history file as well that keeps a
record of the websites the user visits. And
then there’s a cache file that sometimes
keeps copies of the pictures that have been
downloaded.”
More obscure are the temporary files created
by word processors, for example, and
the so-called swap files that an operating
system creates as a way to manage computer
memory. These files often remain readable
even if the original files are erased.
Computer users in Lebanon have little
reason to believe that their computer files will
be scrutinized by law-enforcement agents,
corporate and government spies or even
special investigators.
But what about unscrupulous
co-workers? And what confidential
information resides on the hard disk of the
computer that was donated to a neighbor, or
sold to make way for an upgrade?
The rise in the number of computer thefts
and the increased sharing of computers in
the home are confronting consumers with
security issues that in the past were issues
only for big corporations, banks, the military
and government agencies. So how
does one keep confidential information
private? And when the information is no
longer needed, how does one make sure that
it is completely erased? “Both questions
involve a combination of good computer
security policies and good security software,”
advises Boudromian.
The software is the easy part. Creating and
sticking with good security habits is the
hard part. “Technology exists today to protect
individual privacy for as long as the
individual chooses to keep the information
private,” says Georges Hajj, of
Compudata. Computer users today have
access to inexpensive software tools that can
encrypt the contents of a file, an email
message or even the entire contents of a
computer so that it can’t be read by someone
else. Other programs can shred
unwanted files so completely that no one
can recover them. But very few people use
such security tools.
Computers are good at keeping secrets.
Too good, in fact. The secrets can reside on
a computer, and on a computer network,
long after the user deletes them. The files are
forgotten, but not gone. Deleting a file
does not really delete the file. It merely
hides it from view so it no longer shows up
in a directory of files. “It’s like getting an
unlisted telephone number,” says
Boudromian. “The listing may not appear in
the phone directory, but the phone can still
ring if someone knows the right number.”
When a user deletes a file, the computer
stops listing it in the file directory and
marks the disk space as available for
reuse. Another file may eventually be
written atop the same space, obliterating
any traces of the original. But as hard
disk capacities swell into the gigabytes,
the space may not be overwritten for a very
long time.
In that limbo period when the deleted file is
undead, any moderately skilled computer user can
locate, restore and read the deleted file by
using such commands as “undelete” or
“unerase,” which are common features of
many software utilities.
The computer’s ability to remember
deleted files is most often a good thing,
especially when important files have been
deleted by accident. Every day, computer
technicians get frantic calls from people
who have inadvertently erased the big presentation
due the next morning, or whose
children have erased those boring ETRADE
folders to make room on the disk
for games. At times like these, being able to
resurrect the files from the dead is a lifesaver.
There are a number of utility programs
available that have an “unerase” capability,
to be used both in emergencies and as a
precaution against accidents. An example is
Norton Utilities which, for $75, performs a
variety of password-protected security
functions. It can be set to blank the screen
and lock the computer if the user steps
away for a minute or to prevent unauthorized
users from booting the machine. But as
with most tools, “unerase” programs can be
dangerous in the wrong hands. To truly
erase a file and prevent it from being recovered,
one must write over it, or wipe it.
There are several utility programs available
that enable the user to overwrite a single
file or the entire disk, or anything in
between. Such programs typically have
apocalyptic names, such as Shredder,
Flame File and Burn. Similar disk-wiping
tools are often included in PC utility programs
and encryption programs, but others
are available for downloading without
charge from the Internet. These programs
typically hash over the designated disk
space with meaningless patterns of ones and
zeroes, instead of the meaningful patterns of
ones and zeroes that represent the original
information. That process renders the
deleted file unreadable in most cases.
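
The difference between deleting and wiping, as an added example that is not part of the original article: a toy model of a disk, not a real file system, in which every name (ToyDisk, BLOCK, note.txt) and the sample content are constructed for illustration.

```python
import os

BLOCK = 16  # bytes per block; tiny on purpose (constructed value)

class ToyDisk:
    """Constructed model: raw blocks, a free list and a directory."""
    def __init__(self, nblocks=8):
        self.blocks = bytearray(BLOCK * nblocks)
        self.free = set(range(nblocks))
        self.directory = {}  # file name -> list of block numbers

    def write(self, name, data):
        need = -(-len(data) // BLOCK)  # ceiling division
        if need > len(self.free):
            raise OSError("disk full")
        used = sorted(self.free)[:need]
        for i, b in enumerate(used):
            chunk = data[i * BLOCK:(i + 1) * BLOCK]
            self.blocks[b * BLOCK:b * BLOCK + len(chunk)] = chunk
        self.free -= set(used)
        self.directory[name] = used

    def delete(self, name):
        # Ordinary delete: drop the listing, mark the space reusable.
        # The data bytes themselves are not touched.
        self.free.update(self.directory.pop(name))

    def wipe(self, name, passes=3):
        # Overwrite every block of the file with random bytes, then delete.
        for _ in range(passes):
            for b in self.directory[name]:
                self.blocks[b * BLOCK:(b + 1) * BLOCK] = os.urandom(BLOCK)
        self.delete(name)

    def free_space_contains(self, needle):
        # What an "unerase" tool relies on: reading blocks marked free.
        raw = b"".join(bytes(self.blocks[b * BLOCK:(b + 1) * BLOCK])
                       for b in sorted(self.free))
        return needle in raw

def demo():
    secret = b"love letter: meet at 9"  # constructed sample content
    results = []
    for remove in ("delete", "wipe"):
        disk = ToyDisk()
        disk.write("note.txt", secret)
        getattr(disk, remove)("note.txt")
        results.append(disk.free_space_contains(b"love letter"))
    return tuple(results)  # (found after delete, found after wipe)
```

In both runs the file disappears from the directory; only the wipe removes the text from the disk itself. The model says nothing about copies held elsewhere, such as backup tapes.
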
The key phrase is “in most cases.” Just as
with encryption and writers of virus programs,
there are people working just as
hard to recover wiped files as there are
people working to wipe them. (These days,
spies have developed ways to reverse a
simple, one-pass wipe with ones and
zeroes and retrieve the original file.) It is
therefore smart practice to wipe sensitive
files many times with random characters,
which, in theory, obliterates the original
file and makes it unrecoverable. Unless, of
course, the file has already been copied
onto backup tapes. In the digital world, the
original file may be shredded, while one or
more perfect copies can exist elsewhere.
An even more bulletproof way to render
files unreadable is to encrypt them.
Encryption scrambles a disk or file, including
pictures (or a telephone conversation, or
a credit card sent over the Internet), so it can
be opened and read only by the person
holding the proper key, or password. The
strength of the encryption is often measured
by the length of the key, which is in
turn measured in bits. In general, each
additional bit of key length doubles the
amount of effort needed for unauthorized
users to break the key.
Even weak encryption (with a 40-bit key
length, for example) is sufficient to deter
most casual snoops. Breaking a 56-bit key
requires computing resources that are beyond
the reach of all but the most determined code
breakers, and even then it can require days of
sustained attacks by a supercomputer just to
crack one email message. Some encryption
programs use 128-bit keys, which, according
to Jacques Hakimian, IT consultant at
Dialog, are “infinitely unbreakable, at least in
our lifetimes, even taking into consideration
the predictable advances in computing
power.” In other words, it is more secure than
the strongest physical vault ever built.
And then there is email. People type all
sorts of embarrassing, confidential or
intemperate words in email in the mistaken
belief that such messages are private. In reality,
messages sent by email are less secure
than messages scribbled on a postcard. The
way the Internet mail system works, an
email message passes through several
exchange points, or nodes, on its way to the
recipient’s computer. The system administrator
at each hand-off point can in theory
read the message, copy it, reroute it or tamper
with it. If the message originates or
terminates in a corporate computer system,
chances are high that a copy will persist
in the company’s backup tapes or disk
for days, at least.
In the end, there are only two ways to
keep information confidential in the digital
age. One is to use strong encryption.
