Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Fash cards sanitization from Nokia Symbian and WM5/6

from [Ryan Chow] Network Security [Permanent Link]
Subject: Re: Fash cards sanitization from Nokia Symbian and WM5/6
Date: Sat, 29 Sep 2007 08:43:55 +1000
In the case of blackberries it should be noted that only the lowest security classified information is allowed to be accessed. This is the case in Australia for government use. For that level of assurance the blackberry provides sufficent data security.

The best advice i have would be to contact the manufacturer and ask what their internal wiping process does unless you have access to your own facilities to conduct this type of evaluation. And then run this process many times to achieve a wipe.

- ryan,

Sent from my iPhone.

On Sep 29, 2007, at 7:53 AM, gjgowey@tmo.blackberry.net wrote:

Be careful. If it's a GSM phone it might not be storing messages and all other info necessarilly to the card. My blackberry here stores to internal device memory by default and not the card. I guess that's so if I do a reset the info is definitely destroyed (btw- blackberry's are used by DoD so I think that's enough assurance for me that this device is sufficiently secure in its data protection).

Geoff

Sent from my BlackBerry wireless handheld.

-----Original Message-----
From: Ryan Chow <rynchow@gmail.com>

Date: Sat, 29 Sep 2007 07:46:31
To:Luis Lopez Sanchez <luis.lopez@atosorigin.com>
Cc:"gjgowey@tmo.blackberry.net" <gjgowey@tmo.blackberry.net>,"listbounce@securityfocus.com " <listbounce@securityfocus.com>,"security-basics@lists.securityfocus.com " <security-basics@lists.securityfocus.com>
Subject: Re: Fash cards sanitization from Nokia Symbian and WM5/6


Hello,

From what I understand you are looking for a software application on
a WM5/6 and Symbian mobile device that wipes external flash memory
attached to the device?

When looking for products with this type of functionality I always
have a look at the Common Criteria Portal to ensure that the product
has been through an evaluation process and is suitable for government
use.

If the data is sensitive why not destroy it as you can just remove the
flash card.

- ryan,

Sent from my iPhone.

On Sep 28, 2007, at 6:52 PM, Luis Lopez Sanchez <luis.lopez@atosorigin.com
wrote: 

Hi Geoff,

Thank you very much for clarify me this matter, I'm not very
familiarized with solid state memories yet, until now I've been
working with hard disks sanitization only ... But I can understand
your explanation and their physical considerations.

Please, let me drop the question again, I would need some tool for
WM5/6 and Symbian to carry out a DoD wiping for external flash ...
Do you know anyone to use from mobile devices directly? I know that
performing a 'Hard Reset' it would get a internal flash wipe but how
I can wipe securely the external flash from the itself mobile device.

Thanks in advance,

Regards,

--
Luislo
http://luislo.blogspot.com

"I speak for myself not Atos Origin"

-----Original Message-----
From: gjgowey@tmo.blackberry.net [mailto:gjgowey@tmo.blackberry.net]
Sent: jueves, 27 de septiembre de 2007 19:11
To: Luis Lopez Sanchez; listbounce@securityfocus.com;
security-basics@lists.securityfocus.com
Subject: Re: Fash cards sanitization from Nokia Symbian and WM5/6

Why would you need gutman to sanitize a flash card?  Gutman
is written specifically for taking the inaccuracies of
writing to magnetic media into account.  Flash cards don't
suffer from those problems and all you're likely to do is
make them burn out faster.  I wouldn't do anything more than
a regular dod wipe on flash cards and even that is overkill.

Geoff

Sent from my BlackBerry wireless handheld.

-----Original Message-----
From: Luis Lopez Sanchez <luis.lopez@atosorigin.com>

Date: Thu, 27 Sep 2007 18:19:23
To:security-basics@lists.securityfocus.com
Subject: Fash cards sanitization from Nokia Symbian and WM5/6


Hi All,

I wonder if exist some application to write different
sanitization patterns to removable flash cards (such as SD
cards) for to use from the mobile device itself, no using PC
or other computers with flash cards reader. I have been
googling sometimes for this recurrent matter with no successful.

I'd like to know if somebody know some app to apply the
Guttman method (yeah! Of course, I know this is a any
obsolete method but to me it would be enough to start) to SD
and micro-SD flash cards from Windows Mobile 5/6 and Nokia w/
Symbian 80 3rd ed. based hardware platforms (such as HTC/QTEK
for WM and N*/E* Nokia Series). I am searching for a system
to wipe or sanitize flash cards directly from the two mobile
operating systems based platforms. From a PC with a simple
flash reader reader all is easy, but from a mobile device is
not so much... ÂAny idea?


PS: I think that something like 'dd' GNU tool for WM or
Symbian could be useful as a first approach, but I haven't
time to port it (and I don't know if I would be able to carry
out it!).

Many thanks in advance.

Best Regards,

--
Luislo
http://luislo.blogspot.com

"I speak for myself not Atos Origin"

------------------------------------------------------------------
This e-mail and the documents attached are confidential and
intended solely
for the addressee; it may also be privileged. If you receive
this e-mail
in error, please notify the sender immediately and destroy it.
As its integrity cannot be secured on the Internet, the Atos
Origin group
liability cannot be triggered for the message content. Although the
sender endeavours to maintain a computer virus-free network,
the sender does
not warrant that this transmission is virus-free and will not
be liable for
any damages resulting from any virus transmitted.

Este mensaje y los ficheros adjuntos pueden contener informacion
confidencial destinada solamente a la(s) persona(s) mencionadas
anteriormente. Pueden estar protegidos por secreto
profesional Si usted
recibe este correo electronico por error, gracias de informar
inmediatamente
al remitente y destruir el mensaje.
Al no estar asegurada la integridad de este mensaje sobre la red,
Atos
Origin no se hace responsable por su contenido. Su contenido
no constituye
ningun compromiso para el grupo Atos Origin, salvo
ratificacion escrita por
ambas partes.
Aunque se esfuerza al maximo por mantener su red libre de
virus, el emisor
no puede garantizar nada al respecto y no sera responsable de
cualesquiera
danos que puedan resultar de una transmision de virus
------------------------------------------------------------------


------------------------------------------------------------------
This e-mail and the documents attached are confidential and intended
solely
for the addressee; it may also be privileged. If you receive this e-
mail
in error, please notify the sender immediately and destroy it.
As its integrity cannot be secured on the Internet, the Atos Origin
group
liability cannot be triggered for the message content. Although the
sender endeavours to maintain a computer virus-free network, the
sender does
not warrant that this transmission is virus-free and will not be
liable for
any damages resulting from any virus transmitted.

Este mensaje y los ficheros adjuntos pueden contener informacion
confidencial destinada solamente a la(s) persona(s) mencionadas
anteriormente. Pueden estar protegidos por secreto profesional Si
usted
recibe este correo electronico por error, gracias de informar
inmediatamente
al remitente y destruir el mensaje.
Al no estar asegurada la integridad de este mensaje sobre la red, Atos
Origin no se hace responsable por su contenido. Su contenido no
constituye
ningun compromiso para el grupo Atos Origin, salvo ratificacion
escrita por
ambas partes.
Aunque se esfuerza al maximo por mantener su red libre de virus, el
emisor
no puede garantizar nada al respecto y no sera responsable de
cualesquiera
danos que puedan resultar de una transmision de virus
------------------------------------------------------------------


[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Fash cards sanitization from Nokia Symbian and WM5/6, gjgowey
Next by Date:  Re: Fash cards sanitization from Nokia Symbian and WM5/6, gjgowey
Previous by Thread:  Re: Fash cards sanitization from Nokia Symbian and WM5/6, gjgowey
Next by Thread:  Re: Fash cards sanitization from Nokia Symbian and WM5/6, gjgowey
Indexes:  [Date] [Thread] [Top] [All Lists]