One of the more amusing things I remembered when I was in the Marine Corps, was
someone in the security chain discovered that there was a CMOS clock battery on
the old 8088 style motherboards. (A LOT of configuration was in DIP switches
then, but there were some small setup things in CMOS). We had TEMPEST certified
IBM PC clones with 10Meg removable hard drives; all the classified data was on
the hard drives. However, *gasp* here’s these CMOS batteries with RAM on them!
So, the military security folks sent out a procedure for when unclassified
computer techs were working on the machines to remove the CMOS battery and let
the motherboard discharge.
So, I started wondering, what would happen if you accidentally DIDN’T do that.
What was compromised? You have to let people know when there is a breach of
classified info. So what’s leaked? Today’s date? So then all official
correspondence could no longer make use of December 5th (say) as it had been
compromised. Heh.
Please burn the “December” pages in your calendars immediately.
Media sanitization is important (good links, below), but also in the same time
frame someone decided that you could *always* read the hard drives; no amount
of writing and overwriting was enough to completely sanitize the data, so the
only method to clean the 10Meg removable drives was Thermite.
We have thus invented infinite storage capacity, if only we could find enough
10Meg removable hard drives today. We’ve solved the storage problem.
That is all.
== John ==
From: [email protected] [mailto:[email protected]] On
Behalf Of Kurt Buff
Sent: Monday, December 22, 2014 9:04 AM
To: [email protected]
Subject: [NTSysADM] Given some of the discussions on disk/tape in the past...
This is kind of interesting.
Kurt
From: NIST Computer Security Resource Center
[mailto:[email protected]<mailto:[email protected]>]
Sent: Monday, December 22, 2014 05:59
To:
Subject: NIST Computer Security Division Released Special Publication 800-88
Revision 1, Guidelines for Media Sanitization
NIST Computer Security Division Released Special Publication 800-88 Revision 1,
Guidelines for Media Sanitization
This is the short announcement that was provided for this document:
Media sanitization refers to a process that renders access to target data on
the media infeasible for a given level of effort. This guide will assist
organizations and system owners in making practical sanitization decisions
based on the categorization of confidentiality of their information.
Direct link to the SP 800-88 Revision 1 document (in .PDF):
http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-88r1.pdf<http://links.govdelivery.com:80/track?type=click&enid=ZWFzPTEmbWFpbGluZ2lkPTIwMTQxMjIyLjM5NjM2MjYxJm1lc3NhZ2VpZD1NREItUFJELUJVTC0yMDE0MTIyMi4zOTYzNjI2MSZkYXRhYmFzZWlkPTEwMDEmc2VyaWFsPTE3MDI1Mzk1JmVtYWlsaWQ9a2J1ZmZAemV0cm9uLmNvbSZ1c2VyaWQ9a2J1ZmZAemV0cm9uLmNvbSZmbD0mZXh0cmE9TXVsdGl2YXJpYXRlSWQ9JiYm&&&100&&&http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-88r1.pdf>
This URL is where SP 800-88 Revision 1 can be found on the NIST CSRC Special
Publications page:
http://csrc.nist.gov/publications/PubsSPs.html#800-88<http://links.govdelivery.com:80/track?type=click&enid=ZWFzPTEmbWFpbGluZ2lkPTIwMTQxMjIyLjM5NjM2MjYxJm1lc3NhZ2VpZD1NREItUFJELUJVTC0yMDE0MTIyMi4zOTYzNjI2MSZkYXRhYmFzZWlkPTEwMDEmc2VyaWFsPTE3MDI1Mzk1JmVtYWlsaWQ9a2J1ZmZAemV0cm9uLmNvbSZ1c2VyaWQ9a2J1ZmZAemV0cm9uLmNvbSZmbD0mZXh0cmE9TXVsdGl2YXJpYXRlSWQ9JiYm&&&101&&&http://csrc.nist.gov/publications/PubsSPs.html#800-88>
(note: if the target link part of the URL does not work from above URL (target
link is at end of URL where the #), go to the CSRC Special Publications page in
your web browser:
http://csrc.nist.gov/publications/PubsSPs.html<http://links.govdelivery.com:80/track?type=click&enid=ZWFzPTEmbWFpbGluZ2lkPTIwMTQxMjIyLjM5NjM2MjYxJm1lc3NhZ2VpZD1NREItUFJELUJVTC0yMDE0MTIyMi4zOTYzNjI2MSZkYXRhYmFzZWlkPTEwMDEmc2VyaWFsPTE3MDI1Mzk1JmVtYWlsaWQ9a2J1ZmZAemV0cm9uLmNvbSZ1c2VyaWQ9a2J1ZmZAemV0cm9uLmNvbSZmbD0mZXh0cmE9TXVsdGl2YXJpYXRlSWQ9JiYm&&&102&&&http://csrc.nist.gov/publications/PubsSPs.html>
and then at the end of the URL in the URL Locator in your web browser type:
#800-88 (there is no space between the PubsSPs.html and the #800-88 – so the
final URL should look just like the 2nd URL provided above)
__________
Pat O’Reilly
NIST Computer Security Division
[email protected]<mailto:[email protected]> (Attn: Pat O’Reilly)
________________________________
Update your subscriptions, modify your password or e-mail address, or stop
subscriptions at any time on your Subscriber Preferences
Page<http://links.govdelivery.com:80/track?type=click&enid=ZWFzPTEmbWFpbGluZ2lkPTIwMTQxMjIyLjM5NjM2MjYxJm1lc3NhZ2VpZD1NREItUFJELUJVTC0yMDE0MTIyMi4zOTYzNjI2MSZkYXRhYmFzZWlkPTEwMDEmc2VyaWFsPTE3MDI1Mzk1JmVtYWlsaWQ9a2J1ZmZAemV0cm9uLmNvbSZ1c2VyaWQ9a2J1ZmZAemV0cm9uLmNvbSZmbD0mZXh0cmE9TXVsdGl2YXJpYXRlSWQ9JiYm&&&103&&&https://public.govdelivery.com/accounts/USNISTCSRC/subscriber/new>.
You will need to use your email address to log in. If you have questions or
problems with the subscription service, please visit
subscriberhelp.govdelivery.com<http://links.govdelivery.com:80/track?type=click&enid=ZWFzPTEmbWFpbGluZ2lkPTIwMTQxMjIyLjM5NjM2MjYxJm1lc3NhZ2VpZD1NREItUFJELUJVTC0yMDE0MTIyMi4zOTYzNjI2MSZkYXRhYmFzZWlkPTEwMDEmc2VyaWFsPTE3MDI1Mzk1JmVtYWlsaWQ9a2J1ZmZAemV0cm9uLmNvbSZ1c2VyaWQ9a2J1ZmZAemV0cm9uLmNvbSZmbD0mZXh0cmE9TXVsdGl2YXJpYXRlSWQ9JiYm&&&104&&&https://subscriberhelp.govdelivery.com/>.
All other enquiries can be directed to
[email protected]<mailto:[email protected]>.
This service is provided to you at no charge by the National Institute of
Standards and Technology (NIST).
________________________________
<http://links.govdelivery.com:80/track?type=click&enid=ZWFzPTEmbWFpbGluZ2lkPTIwMTQxMjIyLjM5NjM2MjYxJm1lc3NhZ2VpZD1NREItUFJELUJVTC0yMDE0MTIyMi4zOTYzNjI2MSZkYXRhYmFzZWlkPTEwMDEmc2VyaWFsPTE3MDI1Mzk1JmVtYWlsaWQ9a2J1ZmZAemV0cm9uLmNvbSZ1c2VyaWQ9a2J1ZmZAemV0cm9uLmNvbSZmbD0mZXh0cmE9TXVsdGl2YXJpYXRlSWQ9JiYm&&&105&&&http://www.govdelivery.com/portals/powered-by>
<http://links.govdelivery.com:80/track?type=click&enid=ZWFzPTEmbWFpbGluZ2lkPTIwMTQxMjIyLjM5NjM2MjYxJm1lc3NhZ2VpZD1NREItUFJELUJVTC0yMDE0MTIyMi4zOTYzNjI2MSZkYXRhYmFzZWlkPTEwMDEmc2VyaWFsPTE3MDI1Mzk1JmVtYWlsaWQ9a2J1ZmZAemV0cm9uLmNvbSZ1c2VyaWQ9a2J1ZmZAemV0cm9uLmNvbSZmbD0mZXh0cmE9TXVsdGl2YXJpYXRlSWQ9JiYm&&&105&&&http://www.govdelivery.com/portals/powered-by>
