maemo.org - Talk - Secure-delete N900 & Privacy Optimizations

maemo.org - Talk (https://talk.maemo.org/index.php)

- Nokia N900 (https://talk.maemo.org/forumdisplay.php?f=44)

- - Secure-delete N900 & Privacy Optimizations (https://talk.maemo.org/showthread.php?t=81193)

Secure-delete N900 & Privacy Optimizations

Hi there, i got an myself an used N900 and after I've played around a bit with some applications, i got my fingers on Testdisk/Photorec.
As I've thought that it would be interesting to know how many files could be retrieved out of the N900.

And i'm was afterwards quite shocked as i could retrieve almost any single image/video that were shot/saved on the N900.

And before you start explain me why it isnt as possible as on a HDD!
Yes i know that it it is practically impossible to wipe every single bit securely from the Flashmemory due to the way flashmemory works, e.g. the unaccessibility of dead-flashcells which could still contain sensitive data, and the relocation of opened files into unaccessable(ok not really a flashmemory only thing) sectors on the memory.
But as i noticed that i could just recover my own files (with just a few exceptions) i guess that the previous user in some way managed to secure-delete most of his stuff.

I've heard that continuously writing random-data to the "/home & MyDocs" folder using DD would reduce the possibility to recover files, so would someone be willing to explain me the whole process?

Privacy/Safety Optimizations:

1:
I`ve heard that a good possibility to reduce the "recoverability" of files saved to "/home & MyDocs" could be to encrypt those partitions.
Might someone explain or refer me to an up-to-date tutorial?
2:
Would it yet be possible to reinstall Maemo complettly to the MicroSD-Card, so that in case you want to re-sell the device you could simply remove the MicroSD-Card without having to worry that sensitive data could be retrieved by the new owner?
3:
Not sure if its a known bug, but the autocomplete-feature of the N900 saves the typed in Passwords.
Is it possible fix that or complettly disable that unneeded crap, regarding that you can type fast enough on the QWERTY-Keyboard and shouldnt need smth. like that.

Well then, hope it didnt get to long.

Thanks in Advance!

Re: Secure-delete N900 & Privacy Optimizations

Coincidence, pure Coincidence, there was user yesterday on IRC asking the same questions as you ;).

Quote:

I`ve heard that a good possibility to reduce the "recoverability" of files saved to "/home & MyDocs" could be to encrypt those partitions.
Might someone explain or refer me to an up-to-date tutorial?

TrueCrypt
Encrypted home

Sure, you can't recover encrypted files if it has been done right and the guy who wants to recover those files doesn't have the key. Why not? Because the files are encrypted...

Quote:

Would it yet be possible to reinstall Maemo complettly to the MicroSD-Card, so that in case you want to re-sell the device you could simply remove the MicroSD-Card without having to worry that sensitive data could be retrieved by the new owner?

Short answer: Yes / Probably - no howto on that around AFAIK.

Quote:

Not sure if its a known bug, but the autocomplete-feature of the N900 saves the typed in Passwords.
Is it possible fix that or complettly disable that unneeded crap, regarding that you can type fast enough on the QWERTY-Keyboard and shouldnt need smth. like that.

Yes, known, see the first link. It can be turned off in the settings, it's named "auto complete" or something.

Re: Secure-delete N900 & Privacy Optimizations

Thanks already for the Reply, but isnt it possibly the best idea to wipe everything (accessable without killing the device) a few times with random zeros and ones, and then to create encrypted partitions?

Btw. whats about the third partition e.g "/" is it possible to encrypt it too?

And yea....sad that it seems like nobody yet tried to fully install Maemo onto the MicroSD-Card, that kinda would be the most secure option.
Whats about an encrypted Nitdroid (or even an unencrypted) on the MicroSD-Card.
Would'nt it then be the case that Nitdroid would'nt access nor save files to the internal Memory of the N900, unless you tell to do so?

Thanks in Advance.

Re: Secure-delete N900 & Privacy Optimizations

Quote:

but isnt it possibly the best idea to wipe everything (accessable without killing the device) a few times with random zeros and ones, and then to create encrypted partitions?

http://www.wipeyourdata.com/secure-d...b-thumb-drive/

Quote:

Btw. whats about the third partition e.g "/" is it possible to encrypt it too?

Short answer: no. Benefits of doing so are low anyway. And / is not a partition on the EMMC, it is on NAND.

Quote:

Whats about an encrypted Nitdroid (or even an unencrypted) on the MicroSD-Card.
Would'nt it then be the case that Nitdroid would'nt access nor save files to the internal Memory of the N900, unless you tell to do so?

I don't know what it does or doesn't.

Re: Secure-delete N900 & Privacy Optimizations

Thanks again, but regarding flash memory there are many opinions regarding the secure-delete.
Some say a single wipe is enough others say there should be more than just one overwriting process per cell.
And yea its a fact that there is a limitation regarding the write-cycles of the flash-memory which should be around 100.000 to 250.000 write-cycles per cell depending on the flash itself.
But lets see it as it is, if think about overwriting the partitions for example 20x Times with random data, this would mean 20 cycles less per cell, which regarding the about 100.000 write cycles per cell is almost nothing.
Furthermore its one of my main-ideas to swap most of the stuff away from the internal to the external memory as i will get myself a 32GB Class 10 SDHC.

And know back to the question about how to write random data on the Partitions.

I think it should look something like this.

Code:

sudo gainroot

dd if=/dev/urandom of=/dev/mmcblk1p0

But as iam not absolutelly sure, i'd rather reask you guys :)

Greetings.