Digital Security and Privacy for Human Rights Defenders

2.3 Information Backup, Destruction and Recovery

Abstract
  1. A backup strategy should include: the files to be archived, the frequency of updating the archive, location and storage of the archive.
  2. Simply deleting data from your computer is not sufficient to make it unrecoverable. Sensitive information needs to be wiped from your computer.
  3. It is good practice to wipe temporary files, Internet cache and free space on your computer.
  4. Take good care of your computer’s physical environment.
  5. If you lose a document, do a thorough search of your computer using the Windows search function and analyse your hard disk with data recovery software.

Two important issues to consider when working with information are how to duplicate it and how to destroy it. Computers allow these two processes to be performed quickly and efficiently, and it is, once again, human error and carelessness that are the commonest causes of malfunction of systems. This chapter will explore the theory behind replicating your computer-held information, restoring lost data and erasing unnecessary or sensitive information without the possibility of recovery. It will also describe good practice in this area.

Information Backup

Important documents are usually duplicated. The American Declaration of Independence was originally produced in 251 copies. People make photocopies of their passports, tax returns and driving licences. Manuscripts are copied before being sent to the publisher. These are all precautions against the loss of documents and the information in them. Computers make duplication a very easy and rapid procedure. Numerous programs will create an identical copy of the original information base and store it in the location of your preference. Gone are the days when the loss of your little address book resulted in a painstaking search for the forgotten phone numbers, and that, as you will see, is both a blessing and a curse.

The need to create a backup copy of your computer files is often superseded by the belief that ‘nothing will go wrong’. We rely on ourselves and our computers not to forget, lose or damage the information.

Information loss occurs at both micro and macro levels. You can lose just one document through a program malfunction or a virus. You can also lose the entire contents of your computer through a hardware malfunction or malicious damage. Always have a backup strategy for all scenarios.

Backup strategies

Consider the type, quantity and frequency of backup for your information. You may wish to carry around a USB memory stick with a copy of all your documents. If your computer has a CD-writer, you can back up a lot of documents, photos and audio files on a weekly basis and keep a copy at a separate location. If you have a server computer in your office, it requires a periodic backup not only of the documents users store on it, but also of the software and system settings.

Frequent access files

This file type refers to the working documents you need to have access to at all times. These files are constantly updated and you need to have the latest version available.

The most applicable device here would be a USB memory stick. It is small, has no moving parts (therefore less prone to damage than a floppy disk) and usually provides sufficient storage space for many documents. You should be able to synchronise the content of a folder on your home/office computer to the USB memory stick [20].

Backup frequency: daily.

Non-frequent access files

This is a collection of your entire document archive, built up over time. Files are infrequently created and updated. It may not be necessary to keep the latest versions of every file, but a backup is still essential.

The most efficient device to use as a backup medium in this scenario would be a re-writeable CD-ROM drive (CD-RW). It will allow for up to 800MB of storage space and you can overwrite the previous archive with the current one, only having to look after one or two CDs at a time [21].

Backup frequency: weekly.

System Files - For Techies

To prevent a long process of restoration in the event of a computer crash or malfunction, you should periodically make a copy (image) of your entire computer. This is an advanced option, probably suited for system administrators or someone who looks after your computer. A system backup includes all the installed programs (and their licences), system registry, device drivers, etc.

One way to perform this backup would be with a tape drive. These are quite expensive and usually do not come as standard with your computer purchase. The other option is to buy a removable hard drive and perform the backup onto it. A full system backup usually requires specialised software, known as disk imaging. It can also be done by using the Windows built-in backup functionality that you can access by going to Start > Programs > Accessories > System Tools > Backup. In case of fire or other disaster, it is essential to keep a copy of the system backup away from the computer premises.

Backup frequency: monthly.

For the sake of security, do not create too many backup copies. If you cannot overwrite a CD on a weekly basis, make sure you properly destroy the outdated versions. This way, your backup files would be harder for an attacker to find, and you won't get confused as to which CD contains the latest copy of your documents.

Information Destruction

It is virtually impossible to completely erase all information stored on your computer without resorting to cutting, burning or breaking into tiny pieces the data-carrying device. Whilst you may think that emptying the Windows ‘Recycle Bin’ has removed your files, this is not true. We must take the necessary precautions to make sure that the data no longer wanted on our machines is properly deleted.

Between 2000 and 2002, researchers Simson Garfinkel and Abhi Shelat of MIT purchased a large number of second-hand hard disks from various dealers through the online auction house eBay and examined these for any residual information they contained. They were able to recover over 6000 credit card numbers and cached Web pages where some of these were used, medical records, love letters and pornographic images amongst other material. One hard drive appeared to have come from an ATM machine in Illinois [22].

Data recovery is a growing industry, and many firms and government agencies have become incredibly advanced at salvaging lost and damaged data. Another element of our information security is the need for human rights organisations not only to keep sensitive information safe, but to destroy it properly as well. This section will examine the process of permanently deleting unwanted information from your computer.

The Problem of Deletion

There is no computer function that can delete information. Strictly speaking, computers can only write new information to the hard drive. When you choose to delete a file in Windows, you are simply telling the computer that this space is now available to be overwritten with new data (even though it appears as 'free space'). Windows removes the file icon and the name reference from your screen, as though the file is no longer there. It does not remove the actual data from the hard drive. You can compare this to removing the label from a filing cabinet, but leaving the files still in the drawer. Until you have overwritten the exact physical space on the hard drive with new data, the information is still there and is easily visible with the help of specialised software.

WIPING

Aside from degaussing, burning, microwaving or ingesting your digital storage device, there is only one sure method of deleting unwanted data whilst preserving use of the device itself. Existing data needs to be overwritten with other random data. This method is known as wiping. You can wipe a single file or you can wipe the 'free' space on your hard drive. The latter action will find all presently unallocated space (or space not used by current files) and overwrite it with random data. Experts agree that at least one random pass is necessary to prevent recovery of your information. The Security-in-a-Box project provides the Eraser tool for wiping unwanted information from your computer [23].

Wiping software such as Eraser can integrate with Windows and allow you to wipe files or the contents of the 'Recycle Bin' with two simple mouse clicks. Eraser can also wipe all remnants of past files stored in the 'empty space' of your hard drive or media device. This feature is known as a free space wipe.

You must be aware that it is not only your documents that should be wiped, but also other files used by Windows and collected whilst you use the computer and browse the Internet.

Temporary files

These are files collected by a computer as you go about your work. They include unfinished or unsaved documents, Internet pictures and graphics (also known as cache) and a myriad of other files, which reveal your past activities on the computer.

[Figure: hard drive copies. Multiple copies of your document are created every time you edit it.]

Let's imagine that you are writing a large report. It takes you a week of work, several hours each day. Every time you press 'save' before shutting down your computer and leaving for the day, Windows creates a different copy of this document and stores it on the hard drive. After a week of editing, you will have several versions at different stages of completion on your hard drive. Windows does not look for the exact physical location of the original file and overwrite it every time. It simply puts the latest version in unallocated space on your hard drive. This can, of course, lead to problems when you need to erase all traces of this document from your computer.

You should delete the contents of these folders periodically. For a secure (unrecoverable) deletion of all temporary files, use the CCleaner utility (see the Security-in-a-Box project [24]).

It is very important to delete the temporary files collected during your working session, especially when using a public computer, such as one in an Internet café or library. You can carry a portable version of the CCleaner program on your USB memory stick and use it to wipe temporary files from the computer. For more information see the Security-in-a-Box project [25].

Wiping guidelines

If you decide to erase all traces of previous and temporary files from your computer, you can perform the following steps, using one of the wiping software programs provided in the Digital Security Toolkit project, or by sourcing it yourself.
  • Make sure you have a backup of all your user documents, licence files and Windows registry.
  • Wipe the temporary folders on your computer.
  • Wipe all the 'free space' on your computer.
  • Get into the habit of wiping all the temporary files before shutting down your computer and always after working on a public computer.
  • Perform a free space wipe on your USB memory disks, digital camera memory cards and re-writeable CDs.
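
The overwrite described under 'Wiping' and the free space step in the guidelines above, shown as an added Python example (not part of the original manual, and not the code of Eraser or CCleaner). The function names and the `limit` parameter are assumptions made for illustration.

```python
import errno
import os
import secrets

CHUNK = 1024 * 1024  # write in 1 MiB blocks

def overwrite_file(path, passes=1):
    """Overwrite a file's bytes in place with random data; return its size."""
    size = os.path.getsize(path)
    with open(path, "r+b") as f:  # r+b edits in place; "wb" would truncate first
        for _ in range(passes):
            f.seek(0)
            for offset in range(0, size, CHUNK):
                f.write(secrets.token_bytes(min(CHUNK, size - offset)))
            f.flush()
            os.fsync(f.fileno())  # push this pass out of the OS cache
    return size

def wipe_file(path, passes=1):
    """Overwrite the file, rename it to a random name, then delete it."""
    size = overwrite_file(path, passes)
    folder = os.path.dirname(os.path.abspath(path))
    anon = os.path.join(folder, secrets.token_hex(8))
    os.rename(path, anon)  # rename first so the deleted entry lacks the old name
    os.remove(anon)
    return size

def wipe_free_space(folder, limit=None):
    """Fill unallocated space on folder's volume with random data, then free it.

    limit caps the bytes written (trial run); None fills until the disk is full.
    """
    filler = os.path.join(folder, secrets.token_hex(8) + ".fill")
    written = 0
    try:
        with open(filler, "wb") as f:
            while limit is None or written < limit:
                n = CHUNK if limit is None else min(CHUNK, limit - written)
                f.write(secrets.token_bytes(n))
                written += n
            f.flush()
            os.fsync(f.fileno())
    except OSError as e:
        if e.errno != errno.ENOSPC:  # "disk full" is the expected way to stop
            raise
    finally:
        if os.path.exists(filler):
            os.remove(filler)
    return written
```

On SSDs, USB flash memory and journaling or copy-on-write file systems, the device or file system may place the new data in different physical blocks, so an in-place overwrite is weaker there than on a conventional hard disk.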

For Techies

Another Windows feature that – unbeknownst to you – stores your personal documents is the swap file (also known as paging file). Windows uses the swap file for the ease of operation. At its simplest, it is a part of the hard drive Windows assigns to itself to handle all your current operations. When you switch the computer off, the swap file retains all the information previously on it. Even if you are using encryption software, your files will not be stored encrypted in the swap file. It is advisable to disable this feature (you should have at least 256MB of RAM in your computer to replace the swap file's functionality) or to use a wiping tool to securely delete information on the swap file before shutting down the computer [26]. To disable the swap file on Windows 2000 and XP:

Select: Start > Settings > Control Panel > System
Click: Advanced tab
Click: Performance
Click: Virtual memory (advanced > virtual memory for XP)
De-select: the swap file option or set it to ‘0’.

If your computer is a laptop, disable the hibernation feature. It may take you 30 seconds but will greatly decrease the risks of access to information on your laptop.

Select: Start > Settings > Control Panel > Power Options
Click: Hibernation tab
De-select: Enable Hibernate

Information Recovery

Files that have not been wiped can be recovered. Some tools at our disposal can perform searches of our hard drive or other media device for lost, damaged or corrupted files. Search the Internet using the keywords 'data recovery tools' or install the UndeletePlus utility from the Security-in-a-Box project [27].

It may be possible to take advantage of a digital device's inability to delete data properly. For example, you can take a photo on your digital camera, and then delete it. This method can be used to obfuscate the existence of the original photo. Data recovery tools can then be used to restore the deleted data when necessary. However, you must be careful not to overwrite the necessary picture (by taking another one). Prior planning and further study are required for this technique to be used safely.

Prevention

Keeping your system from crashing and losing your documents will require a careful approach to its environment and stability. Do not drink or eat, or perform any number of other functions that could potentially cause physical damage around your computer space. Due to the complex nature of electric circuitry, computers do not react well to water or magnetic fields. Keep your computer away from the ground, lest heavy footsteps or jumping should shake it. Secure your computer from electrical surges either with stabilisers or with fused sockets. You may consider purchasing an alternate battery supply (UPS). It is best to ask an expert in a computer shop for a more detailed description of the above items and how they can prevent your computer from being damaged.

[20] Use a program like Allwaysync (http://www.allwaysync.com) to perform synchronisation.

[21] Use a combination of the archiving program Freebyte (http://www.freebyte.com) and a CD burning program DeepBurner Pro (http://www.deepburner.com). Both can be found on the Digital Security Toolkit CD.

[22] Simson L. Garfinkel and Abhi Shelat (Massachusetts Institute of Technology), "Remembrance of Data Passed: A Study of Disk Sanitization Practices", IEEE Security & Privacy, vol. 1, no. 1, 2003.

[23] http://security.ngoinabox.org/eraser_main

[24] http://security.ngoinabox.org/ccleaner_main

[25] http://security.ngoinabox.org/chapter_6_2

[26] See wiping tools Eraser (http://www.heidi.ie/eraser) or BCWipe (http://www.jetico.com/bcwipe.htm).

[27] http://security.ngoinabox.org/undelete_main