Re: [Fed-Talk] Re: Fed-talk Digest, Vol 5, Issue 48
- Subject: Re: [Fed-Talk] Re: Fed-talk Digest, Vol 5, Issue 48
- From: Joshua Krage <email@hidden>
- Date: Mon, 25 Feb 2008 19:23:44 -0500
Apple needs to update their documentation... they aren't the
authoritative source (and neither am I!).
NISPOM (DOD 5520-22) no longer (since at least 2006) specifies the
"how" of media sanitization. That has been pushed to lower level
documents/people. Section 8-103.f(1) gives the facility ISSM the
ability to set the sanitization requirements (where thermite use
isn't immediately required). Section 8-301 allows the accrediting
CSA to set instructions on sanitization & clearing. This section
does define "Clearing" and "Sanitization".
The media sanitization rules may still show up in a few odd places as
the last vestiges of the DITSCAP process are replaced by DIACAP
processes.
Civilian agencies can consult NIST SP800-88 for guidance on the same
topics. You might be surprised at how often a disk must be cleared
or destroyed. You might also be surprised by the move away from
OS-level disk wipes.
On Feb 25, 2008, at 12:19 PM, Daniel Hoit wrote:
Allan,
from Apple's itpro/federal page:
"Secure Erase (DoD 5220-22-M Compliant)
Secure Erase follows the U.S. Department of Defense standard for
the sanitization of magnetic media in DoD 5220-22-M: National
Industrial Security Program Operating Manual.
Now you can completely erase sensitive files you no longer need.
When you delete a file or folder, Secure Erase Trash makes sure
that it no longer exists. Traditional file deleting simply removes
the file name from the disk directory but leaves the file data in
place. Secure Erase Trash immediately overwrites the file according
to the seven-pass DoD specification."
Srm, secure erase, and disk util all use the same algorithms. 1, 7,
or 35 pass can be configured for each. There is even a hack you can
enable to change which option is used for the Secure Empty Trash
option (not that I recommend it).
http://www.macgeekery.com/hacks/change_10_4_finders_secure_empty_trash_options
If you look at the hack though, you'll see that the Finder is
actually using srm to do the secure erase, so that should answer
your questions.
--DH
On Feb 23, 2008, at 12:04 PM, email@hidden wrote:
There is an option to Secure Empty Trash but that will only securely
delete the files in the trash at that time. If files were previously
deleted, only the Erase Free Space option will sanitize the disk.
Also, I am trying to find out if the Secure Empty Trash conforms to
DoD 5220.22-M. The command line program "srm" can also delete a
specific file, and can use a 7-pass wipe (-m option), but I do not
know if this command is DoD approved. Anyone know for sure?
Daniel Hoit
System Management Solutions Group
Lawrence Livermore National Laboratory
Email: email@hidden
Phone: 925.424.5256
Pager: 877.402.6321
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
40nasa.gov
This email sent to email@hidden