Encrypted Disc Images...
So anyway, I started putting some stuff in encrypted disk images, the kind you make with Disk Utility (like a container).
I was wondering, how secure is this? When I open the image and edit one of the files there, is it dumped to virtual memory or some other temporary location that could be accessed?
For example, say I had been editing a text file from within my disk image, and it never touched the desktop or anywhere else. If the computer is physically compromised (i.e. lost), could someone have access to what I was working on by examining the contents of my virtual memory or other such thing?
I recently discovered that after formatting my USB keychain drive I was able to recover the data from it simply by unmounting it and "cat"ing it to a file. Can someone do the same thing to my hard drive?
I think I was able to solve the problem with the USB disk by:
cat /dev/random > /dev/disk2
and letting it run for about five minutes or so. That seemed to write over it completely and allow it to be reformatted with no traces of the previous information intact. Anyone know if that is correct, or is data still able to be recovered?
Comments
On the Windows side there is this product called DriveCrypt that can do some impressive things. For instance, look at the "invisible containers" feature... even if you give a password to a block of encrypted data, it's mathematically impossible for others to know if there is a second piece of data in that same crypto chunk that is unlocked by a different password.
I think your /dev/random operation should work, but there's no way of knowing how many times the data is written over, etc...
When you formatted the USB key, did you use the erase options in Disk Utility (zero the data, random write, etc.)? Those should do the same thing basically.
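Added example (not part of the original thread): a Python check for the question raised above, whether a random overwrite actually reached every byte, run against a constructed image file standing in for the USB key. The marker string, the file name usb.img and all function names are assumptions made for the illustration.

```python
import os
import tempfile

CHUNK = 64 * 1024
MARKER = b"CONSTRUCTED-SECRET-0001"  # constructed sample data, not from the thread

def build_image(path, size, offsets):
    # Zero-filled file standing in for the raw device, with MARKER planted.
    with open(path, "wb") as f:
        f.truncate(size)
        for off in offsets:
            f.seek(off)
            f.write(MARKER)

def overwrite(path, limit=None):
    # Random-fill the first `limit` bytes (default: whole image); return bytes written.
    size = os.path.getsize(path)
    target = size if limit is None else min(limit, size)
    with open(path, "r+b") as f:
        for pos in range(0, target, CHUNK):
            f.write(os.urandom(min(CHUNK, target - pos)))
        f.flush()
        os.fsync(f.fileno())  # push the data out of the OS cache
    return target

def find_residue(path, marker=MARKER):
    # Offsets where marker survives; `tail` catches matches straddling two reads.
    hits, base, tail = [], 0, b""
    with open(path, "rb") as f:
        while chunk := f.read(CHUNK):
            buf, start = tail + chunk, base - len(tail)
            i = buf.find(marker)
            while i != -1:
                hits.append(start + i)
                i = buf.find(marker, i + 1)
            tail, base = buf[-(len(marker) - 1):], base + len(chunk)
    return hits

def demo():
    size = 4 * CHUNK
    offsets = [0, CHUNK - 5, size - len(MARKER)]
    with tempfile.TemporaryDirectory() as d:
        img = os.path.join(d, "usb.img")
        build_image(img, size, offsets)
        before = find_residue(img)
        overwrite(img, limit=2 * CHUNK)  # stopped early, like an interrupted cat
        partial = find_residue(img)
        written = overwrite(img)         # full pass over every byte
        return before, partial, written == size, find_residue(img)
```

The partial pass leaves the marker near the end of the image readable, which is why elapsed time is not a completion test; the byte count has to match the device size. A scan like this only sees the blocks the device exposes through its normal interface, not spare flash blocks that the controller has remapped.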