01-11-12 10:52 PM
  1. space_traveler's Avatar
    Is the data securely overwritten or could it possibly be recovered by a new user, should you give your PB away or sell it? I'm not talking about recovering the wiped data by looking for it on the PB itself, obviously it wouldn't be visible on the PB itself once a wipe was done. I was thinking more of someone scanning the PB with some type of data recovery software from a pc via the usb port for example and possibly recovering any sensitive data that way.

    And if the data is not securely overwritten, what apps are available to do this for the PB?

    Thanks for any info.
    01-09-12 11:42 PM
  2. Carllam's Avatar
    It's the only "professional grade" tablet on the market. Everywhere else RIM needs improvement, it's certainly not in the security wipe feature. Besides, all the PIMs are stored on the phone if you've bridged and not on PB.
    01-09-12 11:58 PM
  3. taylortbb's Avatar
    It's completely secure. RIM has built their business on security and there's a reason it's called a security wipe.
    01-10-12 12:20 AM
  4. BBNation's Avatar
    The built-in secure wipe is safe enough for standard users. If someone really, really wants the data then it's not impossible to retrieve data. It will take hours to recover it so it all depends on the motive of the thief. I will be comfortable with the wipe and giving it to someone else.
    01-10-12 01:23 AM
  5. emtunc's Avatar
    The built-in secure wipe is safe enough for standard users. If someone really, really wants the data then it's not impossible to retrieve data. It will take hours to recover it so it all depends on the motive of the thief. I will be comfortable with the wipe and giving it to someone else.
    Do you have any documentation to back your claim?
    I very highly doubt even a motivated thief could get data back from a wiped device (based on the assumption that RIM is smart enough to at LEAST do a basic wipe of zeroes) within years, let alone hours.
    01-10-12 01:50 AM
  6. FF22's Avatar
    Do you have any documentation to back your claim?
    I very highly doubt even a motivated thief could get data back from a wiped device (based on the assumption that RIM is smart enough to at LEAST do a basic wipe of zeroes) within years, let alone hours.
    All of those forensic tv shows do it without any real problems. They take two pixels of an image and reproduce the entire jpg and can read the license plate, too!

    I would guess that if the CIA really wants my data from a wiped pb, they may be able to retrieve some of it but it might take them a while.
    01-10-12 10:10 AM
  7. Sith_Apprentice's Avatar
    The BlackBerry data wipe, with content protection (entire disk encryption) enabled, is secure enough that it passes muster for wiping classified information, and is authorized for use in a DoD environment.
    01-10-12 10:12 AM
  8. Sith_Apprentice's Avatar
    All of those forensic tv shows do it without any real problems. They take two pixels of an image and reproduce the entire jpg and can read the license plate, too!

    I would guess that if the CIA really wants my data from a wiped pb, they may be able to retrieve some of it but it might take them a while.
    You are basing this off of TV shows? lol.
    01-10-12 10:14 AM
  9. space_traveler's Avatar
    Thanks for the replies.

    I was thinking of using the free program called Eraser (from my pc via usb cable) to overwrite anything I put on my PB that I wouldn't want recovered, just to be extra safe before I do the standard PB security wipe. I figure I can do a couple extra overwrites that way. That should be ok/safe to do, correct?
    01-10-12 04:43 PM
  10. peter9477's Avatar
    I was thinking of using the free program called Eraser (from my pc via usb cable) to overwrite anything I put on my PB that I wouldn't want recovered, just to be extra safe before I do the standard PB security wipe. I figure I can do a couple extra overwrites that way. That should be ok/safe to do, correct?
    Don't bother. I don't think it will even run, but if it does it's probably not really doing anything useful for you.
    01-10-12 04:47 PM
  11. space_traveler's Avatar
    Don't bother. I don't think it will even run, but if it does it's probably not really doing anything useful for you.
    Ok, thanks. Do you know of a similar app that would work like Eraser - e.g. overwrite selected files/folders before the PB security wipe?
    Last edited by space_traveler; 01-10-12 at 04:54 PM.
    01-10-12 04:51 PM
  12. BuzzStarField's Avatar
    You are basing this off of TV shows? lol.
    F2 has a dry sort of humour. He will correct me if I'm wrong but I think he meant the opposite of what he said.
    01-10-12 04:54 PM
  13. taylortbb's Avatar
    Ok, thanks. Do you know of a similar app that would work like Eraser - e.g. overwrite selected files/folders before the PB security wipe?
    Overwriting files would require a low level filesystem access that nothing outside the PB will have, as that would have security implications. Just use the security wipe, it is more than good enough. As was explained earlier, BB security wipe meets US DoD specifications. You don't get any more secure than that.
    01-10-12 05:20 PM
  14. space_traveler's Avatar
    While I do respect people's opinions here, as it sounds like many of you are more knowledgeable than myself on the matter, I still can't help but wonder how fully secure this PB security wipe really is.

    It appears (based on previous posts) the PB security wipe does a simple single overwrite with zeros, which I agree would be pretty darn secure, but does anyone have any documentation on this?

    Also, what about the free space on the drive? Is that overwritten (with zeros) as well? Could data possibly still be recovered off the free space after a PB security wipe?

    Thanks again.
    01-10-12 05:38 PM
  15. taylortbb's Avatar
    RIM doesn't give the exact details for the PlayBook, however assuming that it's similar to the smartphones is a reasonable assumption. The details are listed at KB16307-Actions performed by the BlackBerry smartphone during the removal of stored user and application data. All forms of security wipe "Overwrites BlackBerry smartphone memory".
    01-10-12 05:51 PM
  16. BuzzStarField's Avatar
    While I do respect people's opinions here, as it sounds like many of you are more knowledgeable than myself on the matter, I still can't help but wonder how fully secure this PB security wipe really is.

    It appears (based on previous posts) the PB security wipe does a simple single overwrite with zeros, which I agree would be pretty darn secure, but does anyone have any documentation on this?

    Also, what about the free space on the drive? Is that overwritten (with zeros) as well? Could data possibly still be recovered off the free space after a PB security wipe?

    Thanks again.
    You seem to be very concerned about whatever it is that you put on your device. What could it be? Wait... don't tell me because you may have to kill me.

    I don't want to make light of your dilemma but neither do I think anyone here is privy to the exact mechanism that RIM uses to erase data. Anything you see here would be sheer speculation. Perhaps you need to contact RIM directly or hire a security expert if this information is so vital to you.
    01-10-12 05:57 PM
  17. FF22's Avatar
    F2 has a dry sort of humour. He will correct me if I'm wrong but I think he meant the opposite of what he said.
    I guess I did need an appropriate sly smilie to accompany my 'witty' remarks. Thanks for clarifying my intent.
    01-10-12 06:38 PM
  18. Spinal's Avatar
    Is the data securely overwritten or could it possibly be recovered by a new user, should you give your PB away or sell it?
    Is your data really that sensitive or are you just that paranoid?
    01-10-12 10:43 PM
  19. BuzzStarField's Avatar
    Is your data really that sensitive or are you just that paranoid?
    In either case, the following procedure should render the data unreadable:
    1. Do security wipe and reinstall OS
    2. Fill shared storage to capacity with random files
    3. Delete all files in shared storage
    4. Repeat steps 2 and 3 97 times
    5. Repeat steps 1 through 4 inclusive 16 times
    6. Incinerate device
    01-10-12 11:20 PM
  20. peter9477's Avatar
    While I do respect people's opinions here, as it sounds like many of you are more knowledgeable than myself on the matter, I still can't help but wonder how fully secure this PB security wipe really is.

    It appears (based on previous posts) the PB security wipe does a simple single overwrite with zeros, which I agree would be pretty darn secure, but does anyone have any documentation on this?

    Also, what about the free space on the drive? Is that overwritten (with zeros) as well? Could data possibly still be recovered off the free space after a PB security wipe?
    I think looking into the requirements of the various security certifications the thing has got would be your best bet to get a satisfying answer.

    I don't think it looks like an overwrite-with-zeros necessarily. Flash devices don't work the same as hard drives. More likely the flash memory supports a single secure erase operation which wipes everything back to empty (which is usually all-ones for that matter). I understand the filesystems may also be encrypted, but that might be only the corporate partitions... I have no details on it.

    I will say I was able to dig and get just enough info today to give me some confidence that what's being done is well beyond what I'd consider minimal, which would be ensuring someone with physical access, the ability to root the device, and an unlimited number of low-level tools could not retrieve my data after a wipe. I don't know yet whether the protection goes beyond that, protecting against someone who would physically remove the flash chips from the PCB and do, say, electron microscope scanning or some such.

    I can only speak for myself, but I'm willing to entrust my passwords and such to the thing. I would, however, really like to know more about this as well, but reading up on the certifications would seem to be the first step.
    01-10-12 11:43 PM
  21. space_traveler's Avatar
    @ peter9477

    Thanks peter9477, as usual another thoughtful and in-depth reply.

    I think I will try contacting RIM and see what they have to say first though. Best place to start I think.
    01-11-12 02:35 PM
  22. space_traveler's Avatar
    It seems we have all the usual thoughtless comments about the inquirer being "paranoid" and "just go destroy your device" remarks aimed at anyone who simply wants to better understand the security of their device/PB, typical really lol.

    But what I'm especially surprised not to see is the usual shallow comments about how your "pr0n collection isn't worth all the effort" type comments. But I guess the thread isn't locked yet, right? Lmao.
    01-11-12 02:51 PM
  23. peter9477's Avatar
    Don't go beating up on BuzzStarField, if that's the "destroy your device" remark to which you referred... he's sometimes got a pretty dry and subtle sense of humour and wasn't trying to make any snide statements about what you're trying to do.
    01-11-12 04:00 PM
  24. Branta's Avatar
    If a device or its software meets FIPS approval that is probably good enough - provided you compare the requirements with the attacks you need to resist (risk assessment). The first approach might be to list your requirement on paper, then read the appropriate FIPS approval scheme - it is available online. I can't get to it immediately but I remember seeing relevant "performance standards" with which approved equipment must comply. I'm almost certain that zeroing of relevant stored data (encryption keys) was included in all cases and would effectively make user level stored data useless even if it could be recovered. Attack by physical removal of chips is covered at higher levels of approval.

    The RIM security scheme is widely regarded as one of the best and most secure in the industry. If the standard protection is not adequate for your needs the real question is not destruction of the device, but whether you should be using a mobile device to access data of such sensitivity.
    01-11-12 04:02 PM
  25. BuzzStarField's Avatar
    It seems we have all the usual thoughtless comments about the inquirer being "paranoid" and "just go destroy your device" remarks aimed at anyone who simply wants to better understand the security of their device/PB, typical really lol.

    But what I'm especially surprised not to see is the usual shallow comments about how your "pr0n collection isn't worth all the effort" type comments. But I guess the thread isn't locked yet, right? Lmao.
    I do apologize if I offended you with my remarks. My clumsy attempt at humour was more directed at myself and the strange thoughts that crossed my mind when I considered the poster's question about paranoia.

    I actually thought about writing an app that would erase data with sufficient certainty to satisfy a paranoid person's particular needs. My idea involved writing and rewriting the flash drive with random stuff - but then I thought about the application data areas and other hiding places where I couldn't write random bits to. I quickly dismissed the app idea because I didn't know the answers to the questions that you were asking. Besides, I doubted that there would be a huge market for an app like that anyway. And I could get into a liability pickle if it didn't work properly.

    I decided that the app idea was crazy but I did ask myself what I would do if I couldn't trust RIM's wipe process and there was "stuff" that needed purging. The only reasonable thing to do in my mind would be to destroy the storage device.

    Now all of this analysis crossed my mind in a split second and I chuckled out loud. For some reason, I thought that I needed to document the really convoluted way a paranoid person might proceed in order to hide some evidence. That's just the way my mind works and once again I apologize if I sent the wrong message.
    01-11-12 05:46 PM