Computer security
Thread Starter
Computer security
Here's one for the experts
You have some files on a secure flash drive
You plug the drive into a computer (not yours)
You unlock the flash drive
You view / change on of the files on the flash drive
You save it back to the flash drive
You unplug the flash drive and walk off into the sunset
What do you leave behind? Will the computer have left an unwanted copy of the file lurking somewhere? This question came about because I loaded a file from a Kingston secure USB drive and found that I was able to carry on editing the file with the drive removed - does this mean a copy was on the PC somewhere? If so - does it get securely trashed when closed?
You have some files on a secure flash drive
You plug the drive into a computer (not yours)
You unlock the flash drive
You view / change on of the files on the flash drive
You save it back to the flash drive
You unplug the flash drive and walk off into the sunset
What do you leave behind? Will the computer have left an unwanted copy of the file lurking somewhere? This question came about because I loaded a file from a Kingston secure USB drive and found that I was able to carry on editing the file with the drive removed - does this mean a copy was on the PC somewhere? If so - does it get securely trashed when closed?
Join Date: Apr 2010
Location: London
Posts: 7,072
Likes: 0
Received 0 Likes
on
0 Posts
Hmmm - I did that once a few years ago in a Far East Internet Cafe that looked quite reasonable - just before leaving I ran a search for recent files on the hard disk and discovered something had made a nice copy of my working files ..................
for backup purposes I'm sure..........
for backup purposes I'm sure..........
Join Date: Apr 1998
Location: Mesopotamos
Posts: 5
Likes: 0
Received 0 Likes
on
0 Posts
You plug the drive into a computer (not yours)
You view / change on of the files on the flash drive
USB stick encryption is only good for physical loss of the USB stick and not much else. Accessing sensitive data via a public computer is simply insecure regardless of the measures taken (except the one were special polarised glasses are needed to be able to read the screen).
USB stick encryption is only good for physical loss of the USB stick and not much else. Accessing sensitive data via a public computer is simply insecure regardless of the measures taken (except the one were special polarised glasses are needed to be able to read the screen).
PDR
* This definition of "gone forever" means that there will be a temporary journal file in the windows temporary file area which someone who knows what they are doing MIGHT be able to extract some of the file from if they get to it from an account with admin permissions before the OS overwrites it, but they won't be able to open the file from (say) Word's recent file list.
Thread Starter
It's the 'gone forever' bit that concerns me. So once the file is saved back to the USB stick and closed would it be posssible to use (say) Recuva to resore it? Assuming the recovery attempt is immediate and the OS hasn't overwrit it.
If you're still around having saved the file to stick, then remove the stick without closing the file, then delete every morsel of the file (inc embedded graphics etc. if appropriate) and then save the empty file.
They can't touch yer for it.
They can't touch yer for it.
Join Date: Mar 2003
Location: England
Posts: 286
Likes: 0
Received 0 Likes
on
0 Posts
@tone,
Where you plug a usb stick into a host computer and then use software on that computer there is a high probability that some fragment of the data will be copied onto the host and remain there in a recoverable form (admittedly, requiring some tools, but they are so easily available online that that is not an issue to any third party).
The key questions is:
If the file is so sensitive - should you be plugging into an uncontrolled host?
If they answer to that is yes that you need to work on it on a third party system then perhaps a better approach is to create a live linux usb with its own persistent storage so that you do not use any software on the host. That is certainly possible with Kali linux (I haven't used it myself so this is not a recommendation just a statement of the possible):
If you are even more paranoid you could use tails which is a live cd for use with the TOR system:
https://tails.boum.org/
Although that may well attract the attention of black vectra drivers.
EG
Where you plug a usb stick into a host computer and then use software on that computer there is a high probability that some fragment of the data will be copied onto the host and remain there in a recoverable form (admittedly, requiring some tools, but they are so easily available online that that is not an issue to any third party).
The key questions is:
If the file is so sensitive - should you be plugging into an uncontrolled host?
If they answer to that is yes that you need to work on it on a third party system then perhaps a better approach is to create a live linux usb with its own persistent storage so that you do not use any software on the host. That is certainly possible with Kali linux (I haven't used it myself so this is not a recommendation just a statement of the possible):
If you are even more paranoid you could use tails which is a live cd for use with the TOR system:
https://tails.boum.org/
Although that may well attract the attention of black vectra drivers.
EG