Australian Information Security Management Conference

Document Type

Conference Proceeding

Publisher

SRI Security Research Institute, Edith Cowan University, Perth, Western Australia

Comments

Originally published in the Proceedings of the 11th Australian Information Security Management Conference, Edith Cowan University, Perth, Western Australia, 2nd-4th December, 2013

Abstract

When most people go to the trouble of getting erasure tools to remove data from their hard drives they expect the job is done correctly. Using erasure tools is a step to protect privacy by assuming the applied tools erase data rather than simply delete data that may be recovered using forensic tools. In this research we tested the performance of the delete function on three web browsers against the performance of eight erasure tools with alarming results. It was found that the erasure tools had almost the same capability to delete data as the web browsers delete function; and that no tool actually erased data. The implications for people using these tools to protect sensitive data are profound. People and organisations as they retire, sell or dispose of their hardware containing information assets require assurance they will not be impacted by the adverse effects of unintended disclosure of sensitive information. Better software solutions are required and better software certification measures require implementation.

DOI

10.4225/75/57b56364cd8e2

Share

 
COinS