2198:
1262:
269:
utilities is that they generally leave a much smaller signature than disk cleaning utilities. There are two primary disadvantages of file wiping utilities, first they require user involvement in the process and second some experts believe that file wiping programs don't always correctly and completely wipe file information. Some of the widely used file wiping utilities include
2208:
232:). The effectiveness of disk cleaning utilities as anti-forensic tools is often challenged as some believe they are not completely effective. Experts who don't believe that disk cleaning utilities are acceptable for disk sanitization base their opinions of current DOD policy, which states that the only acceptable form of sanitization is degaussing. (See
445:. Cryogenically freezing the RAM might extend this time even further and some attacks on the wild have been spotted. Methods to counteract this attack exist and can overwrite the memory before shutting down. Some anti-forensic tools even detect the temperature of the RAM to perform a shutdown when below a certain threshold.
482:
Anti-forensic methods rely on several weaknesses in the forensic process including: the human element, dependency on tools, and the physical/logical limitations of computers. By reducing the forensic process's susceptibility to these weaknesses, an examiner can reduce the likelihood of anti-forensic
204:
of other files, thereby hiding it from the forensic examination software. Another data hiding technique involves the use of bad sectors. To perform this technique, the user changes a particular sector from good to bad and then data is placed onto that particular cluster. The belief is that forensic
137:
The majority of publicly available encryption programs allow the user to create virtual encrypted disks which can only be opened with a designated key. Through the use of modern encryption algorithms and various encryption techniques these programs make the data virtually impossible to read without
68:
Anti-forensics methods are often broken down into several sub-categories to make classification of the various tools and techniques simpler. One of the more widely accepted subcategory breakdowns was developed by Dr. Marcus Rogers. He has proposed the following sub-categories: data hiding, artifact
59:
A more abbreviated definition is given by Scott
Berinato in his article entitled, The Rise of Anti-Forensics. "Anti-forensics is more than technology. It is an approach to criminal hacking that can be summed up like this: Make it hard for them to find you and impossible for them to prove they found
164:
is a technique where information or files are hidden within another file in an attempt to hide data by leaving it in plain sight. "Steganography produces dark data that is typically buried within light data (e.g., a non-perceptible digital watermark buried within a digital photograph)." While some
86:
by anti-forensic tool authors, James Foster and Vinnie Liu. They stated that by exposing these issues, forensic investigators will have to work harder to prove that collected evidence is both accurate and dependable. They believe that this will result in better tools and education for the forensic
358:
In the past anti-forensic tools have focused on attacking the forensic process by destroying data, hiding data, or altering data usage information. Anti-forensics has recently moved into a new realm where tools and techniques are focused on attacking forensic tools that perform the examinations.
168:
According to
Jeffrey Carr, a 2007 edition of Technical Mujahid (a bi-monthly terrorist publication) outlined the importance of using a steganography program called Secrets of the Mujahideen. According to Carr, the program was touted as giving the user the capability to avoid detection by current
268:
File wiping utilities are used to delete individual files from an operating system. The advantage of file wiping utilities is that they can accomplish their task in a relatively short amount of time as opposed to disk cleaning utilities which take much longer. Another advantage of file wiping
298:
is a process by which a magnetic field is applied to a digital media device. The result is a device that is entirely clean of any previously stored data. Degaussing is rarely used as an anti-forensic method despite the fact that it is an effective means to ensure data has been wiped. This is
219:
The methods used in artifact wiping are tasked with permanently eliminating particular files or entire file systems. This can be accomplished through the use of a variety of methods that include disk cleaning utilities, file wiping utilities and disk degaussing/destruction techniques.
141:
File level encryption encrypts only the file contents. This leaves important information such as file name, size and timestamps unencrypted. Parts of the content of the file can be reconstructed from other locations, such as temporary files, swap file and deleted, unencrypted copies.
117:
and other various forms of hardware/software based data concealment. Each of the different data hiding methods makes digital forensic examinations difficult. When the different data hiding methods are combined, they can make a successful forensic investigation nearly impossible.
81:
is that anti-forensic tools are purely malicious in intent and design. Others believe that these tools should be used to illustrate deficiencies in digital forensic procedures, digital forensic tools, and forensic examiner education. This sentiment was echoed at the 2005
473:
Rogers uses a more traditional "crime scene" approach when defining anti-forensics. "Attempts to negatively affect the existence, amount and/or quality of evidence from a crime scene, or make the analysis and examination of evidence difficult or impossible to conduct."
165:
experts have argued that the use of steganography techniques is not very widespread and therefore the subject shouldn't be given a lot of thought, most experts agree that steganography has the capability of disrupting the forensic process when used correctly.
465:
While the study and applications of anti-forensics are generally available to protect users from forensic attacks of their confidential data by their adversaries (eg investigative journalists, human rights defenders, activists, corporate or government
370:
of the image. One of the recent anti-tool techniques targets the integrity of the hash that is created to verify the image. By affecting the integrity of the hash, any evidence that is collected during the subsequent investigation can be challenged.
281:
can be also used to wipe single files. SSDs are by design more difficult to wipe, since the firmware can write to other cells therefore allowing data recovery. In these instances ATA Secure Erase should be used on the whole drive, with tools like
436:
Battery could be removed from a laptop to make it work only while attached to the power supply unit. If the cable is removed, shutdown of the computer will occur immediately causing data loss. In the event of a power surge the same will occur
337:
Another well known trail-obfuscation program is
Transmogrify (also part of the Metasploit Framework). In most file types the header of the file contains identifying information. A (.jpg) would have header information that identifies it as a
359:
These new anti-forensic methods have benefited from a number of factors to include well documented forensic examination procedures, widely known forensic tool vulnerabilities, and digital forensic examiners' heavy reliance on their tools.
346:) would have information that identifies it as (.doc) and so on. Transmogrify allows the user to change the header information of a file, so a (.jpg) header could be changed to a (.doc) header. If a forensic examination program or
333:
pertaining to access, creation and modification times/dates. By using programs such as
Timestomp, a user can render any number of files useless in a legal setting by directly calling into question the files' credibility.
448:
Attempts to create a tamper-resistant desktop computer has been made (as of 2020, the ORWL model is one of the best examples). However, security of this particular model is debated by security researcher and
379:
To prevent physical access to data while the computer is powered on (from a grab-and-go theft for instance, as well as seizure from Law
Enforcement), there are different solutions that could be implemented:
396:, a number of proof of concept anti-forensic tools have been created to detect seizing of the computer from the owner to shut it down, therefore making the data inaccessible if full disk encryption is used.
236:.) Disk cleaning utilities are also criticized because they leave signatures that the file system was wiped, which in some cases is unacceptable. Some of the widely used disk cleaning utilities include
626:
388:
implements USB authorization policies and method of use policies. If the software is triggered, by insertion or removal of USB devices, a specific action can be performed. After the arrest of
314:
The purpose of trail obfuscation is to confuse, disorient, and divert the forensic examination process. Trail obfuscation covers a variety of techniques and tools that include "log cleaners,
145:
Most encryption programs have the ability to perform a number of additional functions that make digital forensic efforts increasingly difficult. Some of these functions include the use of a
874:
Kissel, R., Scholl, M., Skolochenko, S., & Li, X. (2006). Guidelines for Media
Sanitization. Gaithersburg: Computer Security Division, National Institute of Standards and Technology.
362:
During a typical forensic examination, the examiner would create an image of the computer's disks. This keeps the original computer (evidence) from being tainted by forensic tools.
441:
Some of these methods rely on shutting the computer down, while the data might be retained in the RAM from a couple of seconds up to a couple minutes, theoretically allowing for a
69:
wiping, trail obfuscation and attacks against the CF (computer forensics) processes and tools. Attacks against forensics tools directly has also been called counter-forensics.
483:
methods successfully impacting an investigation. This may be accomplished by providing increased training for investigators, and corroborating results using multiple tools.
181:
Other forms of data hiding involve the use of tools and techniques to hide data throughout various locations in a computer system. Some of these places can include "memory,
1296:
958:
Halderman, J. Alex; Schoen, Seth D.; Heninger, Nadia; Clarkson, William; Paul, William; Calandrino, Joseph A.; Feldman, Ariel J.; Appelbaum, Jacob; Felten, Edward W.
306:
recommends that "physical destruction can be accomplished using a variety of methods, including disintegration, incineration, pulverizing, shredding and melting."
303:
249:
657:
1102:
Harris, R. (2006). Arriving at an anti-forensics consensus: Examining how to define and control the anti-forensics problem. Retrieved
December 9, 2010, from:
633:
110:
of data give an adversary the ability to limit identification and collection of evidence by investigators while allowing access and use to themselves."
686:
56:
in 2002, defines anti-forensics as "the removal, or hiding, of evidence in an attempt to mitigate the effectiveness of a forensics investigation".
1815:
1194:
1011:
52:
One of the more widely known and accepted definitions comes from Marc Rogers. One of the earliest detailed presentations of anti-forensics, in
1125:
756:
1440:
1289:
1244:
233:
824:
130:. In a presentation given on encryption and anti-forensic methodologies, the Vice President of Secure Computing, Paul Henry, referred to
1571:
849:
1135:
1990:
735:
429:. In some jurisdictions this method could be illegal since it could seriously maim or kill an unauthorized user and could consist in
153:. The widespread availability of software containing these functions has put the field of digital forensics at a great disadvantage.
2045:
591:
979:
2211:
1149:
1106:
2201:
1282:
1265:
1249:
1536:
1511:
2232:
2161:
1521:
492:
363:
959:
661:
77:
Within the field of digital forensics, there is much debate over the purpose and goals of anti-forensic methods. The
2247:
2237:
1187:
782:
731:
Carr, J. (2007). Anti-Forensic
Methods Used by Jihadist Web Sites. Retrieved April 21, 2008, from eSecurityPlanet:
60:
you." Neither author takes into account using anti-forensics methods to ensure the privacy of one's personal data.
722:
Berghel, H. (2007 / Vol. 50, No. 4). Hiding Data, Forensics, and Anti-Forensics. Communications of the ACM, 15-20.
2242:
1915:
1551:
682:
Peron, C.S.J. (n.a.). Digital anti-forensics: Emerging trends in data transformation techniques. from
Seccuris:
2151:
2055:
2025:
1720:
1498:
1397:
1058:
542:
517:
400:
253:
237:
1072:
2146:
2015:
1885:
1601:
1166:
389:
299:
attributed to the high cost of degaussing machines, which are difficult for the average consumer to afford.
205:
examination tools will see these clusters as bad and continue on without any examination of their contents.
683:
2173:
2166:
2005:
1780:
430:
91:, as recovering information by forensic tools serves the goals of spies equally as well as investigators.
273:, R-Wipe & Clean, Eraser, Aevita Wipe & Delete and CyberScrubs PrivacySuite. On Linux tools like
2178:
1180:
537:
532:
150:
1150:
Arriving at an anti-forensics consensus: Examining how to define and control the anti-forensics problem
1086:
350:
were to conduct a search for images on a machine, it would simply see a (.doc) file and skip over it.
1386:
326:
83:
1020:
302:
A more commonly used technique to ensure data wiping is the physical destruction of the device. The
1970:
1458:
1376:
1366:
1361:
1305:
760:
522:
315:
196:
One of the more well known tools that is often used for data hiding is called
Slacker (part of the
78:
470:), Mac Rogers of Purdue University notes that anti-forensics tools can also be used by criminals.
102:
is the process of making data difficult to find while also keeping it accessible for future use. "
1960:
1765:
1755:
592:
https://www.csoonline.com/article/521254/investigations-forensics-the-rise-of-anti-forensics.html
38:
732:
407:
1728:
1609:
1356:
1341:
828:
228:
Disk cleaning utilities use a variety of methods to overwrite the existing data on disks (see
1019:. 2017 IEEE International Symposium on High Performance Computer Architecture. Archived from
944:
853:
173:
programs. It did this through the use of steganography in conjunction with file compression.
1700:
1157:
1013:
Cold Boot Attacks are Still Hot: Security Analysis of Memory Scramblers in Modern Processors
590:
Berinato, S. (2007). The Rise of Anti Forensics. Retrieved April 19, 2008, from CSO Online:
454:
442:
347:
270:
248:, KillDisk, PC Inspector and CyberScrubs cyberCide. Another option which is approved by the
245:
2020:
1950:
1880:
1809:
1775:
1760:
1672:
1639:
1614:
1153:
1129:
1110:
796:
706:
690:
127:
53:
986:
1710:
1506:
1239:
1224:
497:
367:
319:
229:
190:
17:
2226:
2156:
1955:
1629:
1234:
1229:
1219:
1141:
Refereed Proceedings of the 5th Annual Digital Forensic Research Workshop, DFRWS 2005
1103:
739:
615:
Rogers, D. M. (2005). Anti-Forensic Presentation given to Lockheed Martin. San Diego.
426:
422:
418:
393:
257:
161:
114:
1895:
1687:
1450:
1313:
1203:
274:
214:
170:
200:
framework). Slacker breaks up a file and places each piece of that file into the
49:
Anti-forensics has only recently been recognized as a legitimate field of study.
1985:
1905:
1850:
1770:
201:
182:
103:
99:
1161:
1087:"Thoughts on the "physically secure" ORWL computer | the Invisible Things"
325:
One of the more widely known trail obfuscation tools is Timestomp (part of the
2091:
2035:
1965:
1840:
1835:
1785:
1750:
1743:
1705:
1695:
1634:
1420:
1331:
1321:
1010:
Salessawi Ferede Yitbarek; Misiker Tadesse Aga; Reeturparna Das; Todd Austin.
512:
295:
278:
241:
197:
131:
107:
924:
563:
1932:
1922:
1910:
1900:
1865:
1830:
1825:
1738:
1644:
1546:
1478:
1415:
1326:
467:
186:
88:
1140:
2107:
2081:
2010:
1870:
1860:
1845:
1790:
1667:
1619:
1586:
1561:
1541:
1526:
1371:
1336:
1274:
450:
330:
256:
is CMRR Secure Erase, which uses the Secure Erase command built into the
126:
One of the more commonly used techniques to defeat computer forensics is
904:
684:
http://www.seccuris.com/documents/whitepapers/Seccuris-Antiforensics.pdf
2130:
2125:
2076:
1890:
1624:
1591:
1581:
1556:
1516:
1488:
1468:
1410:
1351:
1345:
884:
527:
507:
411:
385:
146:
87:
examiner. Also, counter-forensics has significance for defence against
1044:
945:"Destruction of Evidence Law and Legal Definition | USLegal, Inc"
2183:
2030:
1940:
1576:
1531:
1483:
1435:
929:
909:
889:
797:"What is Data Destruction, the Best Ways to Erase Your Data Securely"
283:
810:
1169:
Little over 3hr of video on the subject of anti-forensic techniques
1059:"Protect Linux from cold boot attacks with TRESOR | Linuxaria"
2086:
2060:
2000:
1975:
1733:
1677:
1662:
1566:
1473:
1430:
1425:
1405:
502:
113:
Some of the more common forms of data hiding include encryption,
1875:
1654:
1144:
343:
339:
1278:
1176:
1172:
825:"Ubuntu Manpage: SRM - secure remove (Secure_deletion toolkit)"
366:
are created by the forensic examination software to verify the
1945:
1855:
1463:
733:
http://www.esecurityplanet.com/prevention/article.php/3694711
985:. Defense Research and Development Canada. Archived from
757:"Metasploit Anti-Forensics Project (MAFIA) - Bishop Fox"
322:, backbone hopping, zombied accounts, trojan commands."
707:
https://www.youtube.com/watch?v=q9VUbiFdx7w&t=2m18s
658:"Black Hat USA 2005 – Catch Me If You Can – 27July2005"
329:). Timestomp gives the user the ability to modify file
961:
Lest We Remember: Cold Boot Attacks on Encryption Keys
660:. Foster, J. C., & Liu, V. (2005). Archived from
2139:
2116:
2100:
2069:
2044:
1984:
1931:
1808:
1719:
1686:
1653:
1600:
1497:
1449:
1396:
1385:
1312:
1136:Counter-Forensic Tools: Analysis and Data Recovery
1104:http://www.dfrws.org/2006/proceedings/6-Harris.pdf
627:"Current and Future Threats to Digital Forensics"
783:"Myths about Disk Wiping and Solid State Drives"
850:"Secure Erase and wipe your SSD, will it work?"
1073:"Tails - Protection against cold boot attacks"
980:"An in-depth analysis of the cold boot attack"
417:Use of chassis intrusion detection feature in
414:that lock, shutdown, or wipe data when ejected
1290:
1188:
403:to prevent stealing by opportunistic thieves.
27:Techniques used to obstruct forensic analysis
8:
1126:Evaluating Commercial Counter-Forensic Tools
1393:
1297:
1283:
1275:
1261:
1195:
1181:
1173:
751:
749:
747:
586:
584:
582:
580:
1098:
1096:
718:
716:
714:
611:
609:
607:
605:
603:
601:
599:
290:Disk degaussing / destruction techniques
554:
564:"Defeating Forensic Analysis on Unix"
384:Software frameworks like USBGuard or
7:
2207:
703:Secure Computing with Anti-Forensics
234:National Industrial Security Program
134:as a "forensic expert's nightmare".
625:Hartley, W. Matthew (August 2007).
354:Attacks against computer forensics
25:
967:. 17th USENIX Security Symposium.
399:Hardware cable anchors using the
2206:
2197:
2196:
1260:
978:R. Carbone; C. Bean; M. Salois.
189:, alternate data streams, (and)
37:are techniques used to obstruct
852:. 23 March 2017. Archived from
478:Effectiveness of anti-forensics
149:, full-volume encryption, and
1:
1266:List of data-erasing software
1250:Physical information security
759:. Vincent Liu. Archived from
425:) rigged with explosives for
2162:Cryptographic hash function
1156: (archived 2012-03-14)
811:"Shred(1) - Linux man page"
493:Cryptographic hash function
2264:
1162:10.1016/j.diin.2006.06.005
1132: (archived 2014-12-30)
212:
177:Other forms of data hiding
2192:
1258:
1210:
2152:Timeline of cryptography
543:Tails (operating system)
518:Forensic disk controller
401:Kensington Security Slot
2147:Outline of cryptography
2118:Anti–computer forensics
1215:Anti–computer forensics
431:destruction of evidence
421:or a sensor (such as a
224:Disk cleaning utilities
31:Anti–computer forensics
18:Anti-computer forensics
2174:Homomorphic encryption
2167:List of hash functions
1306:Cryptographic software
632:. ISSA. Archived from
185:, hidden directories,
2179:End-to-end encryption
701:Henry, P. A. (2006).
538:Plausible deniability
533:Metadata removal tool
264:File wiping utilities
151:plausible deniability
1167:Anti-Forensics Class
905:"Hephaest0s/Usbkill"
549:Notes and references
327:Metasploit Framework
246:BCWipe Total WipeOut
138:the designated key.
913:. 12 February 2022.
893:. 12 February 2022.
523:Information privacy
84:Blackhat Conference
79:conventional wisdom
2233:Computer forensics
1766:Facebook Messenger
1109:2012-03-14 at the
933:. 19 January 2022.
856:on 23 October 2017
799:. 13 January 2020.
785:. 3 December 2012.
763:on 19 January 2016
689:2008-08-19 at the
664:on 19 January 2016
561:The Grugq (2002).
2248:Encryption debate
2238:Counter-forensics
2220:
2219:
2070:Service providers
1804:
1803:
1610:Check Point VPN-1
1272:
1271:
705:. Retrieved from
392:'s administrator
310:Trail obfuscation
286:that support it.
191:hidden partitions
73:Purpose and goals
39:forensic analysis
35:counter-forensics
16:(Redirected from
2255:
2243:Cryptography law
2210:
2209:
2200:
2199:
2048:operating system
2046:Security-focused
1994:
1819:
1394:
1299:
1292:
1285:
1276:
1264:
1263:
1197:
1190:
1183:
1174:
1113:
1100:
1091:
1090:
1083:
1077:
1076:
1069:
1063:
1062:
1055:
1049:
1048:
1041:
1035:
1034:
1032:
1031:
1025:
1018:
1007:
1001:
1000:
998:
997:
991:
984:
975:
969:
968:
966:
955:
949:
948:
941:
935:
934:
921:
915:
914:
901:
895:
894:
881:
875:
872:
866:
865:
863:
861:
846:
840:
839:
837:
836:
827:. Archived from
821:
815:
814:
807:
801:
800:
793:
787:
786:
779:
773:
772:
770:
768:
753:
742:
729:
723:
720:
709:
699:
693:
680:
674:
673:
671:
669:
654:
648:
647:
645:
644:
638:
631:
622:
616:
613:
594:
588:
575:
574:Phrack Magazine.
573:
571:
570:
559:
461:Use by criminals
455:Joanna Rutkowska
443:cold boot attack
427:self-destruction
348:operating system
21:
2263:
2262:
2258:
2257:
2256:
2254:
2253:
2252:
2223:
2222:
2221:
2216:
2188:
2135:
2112:
2096:
2065:
2047:
2040:
1988:
1980:
1951:Java Anon Proxy
1927:
1813:
1812:
1810:Disk encryption
1800:
1776:Google Messages
1761:Signal Protocol
1715:
1682:
1649:
1596:
1493:
1445:
1388:
1381:
1308:
1303:
1273:
1268:
1254:
1206:
1201:
1154:Wayback Machine
1130:Wayback Machine
1122:
1117:
1116:
1111:Wayback Machine
1101:
1094:
1085:
1084:
1080:
1071:
1070:
1066:
1057:
1056:
1052:
1043:
1042:
1038:
1029:
1027:
1023:
1016:
1009:
1008:
1004:
995:
993:
989:
982:
977:
976:
972:
964:
957:
956:
952:
943:
942:
938:
925:"Silk-guardian"
923:
922:
918:
903:
902:
898:
883:
882:
878:
873:
869:
859:
857:
848:
847:
843:
834:
832:
823:
822:
818:
809:
808:
804:
795:
794:
790:
781:
780:
776:
766:
764:
755:
754:
745:
730:
726:
721:
712:
700:
696:
691:Wayback Machine
681:
677:
667:
665:
656:
655:
651:
642:
640:
636:
629:
624:
623:
619:
614:
597:
589:
578:
568:
566:
562:
560:
556:
551:
489:
480:
463:
377:
356:
312:
292:
266:
260:specification.
226:
217:
211:
209:Artifact wiping
179:
159:
128:data encryption
124:
97:
75:
66:
54:Phrack Magazine
47:
28:
23:
22:
15:
12:
11:
5:
2261:
2259:
2251:
2250:
2245:
2240:
2235:
2225:
2224:
2218:
2217:
2215:
2214:
2204:
2193:
2190:
2189:
2187:
2186:
2181:
2176:
2171:
2170:
2169:
2164:
2157:Hash functions
2154:
2149:
2143:
2141:
2140:Related topics
2137:
2136:
2134:
2133:
2128:
2122:
2120:
2114:
2113:
2111:
2110:
2104:
2102:
2098:
2097:
2095:
2094:
2089:
2084:
2079:
2073:
2071:
2067:
2066:
2064:
2063:
2058:
2052:
2050:
2042:
2041:
2039:
2038:
2033:
2028:
2023:
2018:
2013:
2008:
2003:
1997:
1995:
1982:
1981:
1979:
1978:
1973:
1968:
1963:
1958:
1953:
1948:
1943:
1937:
1935:
1929:
1928:
1926:
1925:
1920:
1919:
1918:
1908:
1903:
1898:
1893:
1888:
1883:
1878:
1873:
1868:
1863:
1858:
1853:
1848:
1843:
1838:
1833:
1828:
1822:
1820:
1806:
1805:
1802:
1801:
1799:
1798:
1795:
1794:
1793:
1788:
1783:
1778:
1773:
1768:
1758:
1753:
1748:
1747:
1746:
1741:
1731:
1725:
1723:
1717:
1716:
1714:
1713:
1708:
1703:
1698:
1692:
1690:
1684:
1683:
1681:
1680:
1675:
1670:
1665:
1659:
1657:
1651:
1650:
1648:
1647:
1642:
1637:
1632:
1627:
1622:
1617:
1612:
1606:
1604:
1598:
1597:
1595:
1594:
1589:
1584:
1579:
1574:
1569:
1564:
1559:
1554:
1549:
1544:
1539:
1534:
1529:
1524:
1519:
1514:
1509:
1507:BBM Enterprise
1503:
1501:
1495:
1494:
1492:
1491:
1486:
1481:
1476:
1471:
1466:
1461:
1455:
1453:
1447:
1446:
1444:
1443:
1438:
1433:
1428:
1423:
1418:
1413:
1408:
1402:
1400:
1391:
1383:
1382:
1380:
1379:
1374:
1369:
1364:
1359:
1354:
1349:
1339:
1334:
1329:
1324:
1318:
1316:
1310:
1309:
1304:
1302:
1301:
1294:
1287:
1279:
1270:
1269:
1259:
1256:
1255:
1253:
1252:
1247:
1242:
1240:Gutmann method
1237:
1232:
1227:
1225:Data remanence
1222:
1217:
1211:
1208:
1207:
1202:
1200:
1199:
1192:
1185:
1177:
1171:
1170:
1164:
1147:
1138:
1133:
1121:
1120:External links
1118:
1115:
1114:
1092:
1078:
1064:
1050:
1036:
1002:
970:
950:
936:
916:
896:
876:
867:
841:
816:
802:
788:
774:
743:
738:2012-07-30 at
724:
710:
694:
675:
649:
617:
595:
576:
553:
552:
550:
547:
546:
545:
540:
535:
530:
525:
520:
515:
510:
505:
500:
498:Data remanence
495:
488:
485:
479:
476:
462:
459:
439:
438:
434:
415:
404:
397:
376:
373:
355:
352:
320:misinformation
311:
308:
291:
288:
265:
262:
230:data remanence
225:
222:
210:
207:
178:
175:
158:
155:
123:
120:
96:
93:
74:
71:
65:
64:Sub-categories
62:
46:
43:
26:
24:
14:
13:
10:
9:
6:
4:
3:
2:
2260:
2249:
2246:
2244:
2241:
2239:
2236:
2234:
2231:
2230:
2228:
2213:
2205:
2203:
2195:
2194:
2191:
2185:
2182:
2180:
2177:
2175:
2172:
2168:
2165:
2163:
2160:
2159:
2158:
2155:
2153:
2150:
2148:
2145:
2144:
2142:
2138:
2132:
2129:
2127:
2124:
2123:
2121:
2119:
2115:
2109:
2106:
2105:
2103:
2099:
2093:
2090:
2088:
2085:
2083:
2080:
2078:
2075:
2074:
2072:
2068:
2062:
2059:
2057:
2054:
2053:
2051:
2049:
2043:
2037:
2034:
2032:
2029:
2027:
2024:
2022:
2019:
2017:
2014:
2012:
2009:
2007:
2004:
2002:
1999:
1998:
1996:
1992:
1987:
1983:
1977:
1974:
1972:
1969:
1967:
1964:
1962:
1959:
1957:
1954:
1952:
1949:
1947:
1944:
1942:
1939:
1938:
1936:
1934:
1930:
1924:
1921:
1917:
1914:
1913:
1912:
1909:
1907:
1904:
1902:
1899:
1897:
1894:
1892:
1889:
1887:
1884:
1882:
1879:
1877:
1874:
1872:
1869:
1867:
1864:
1862:
1859:
1857:
1854:
1852:
1849:
1847:
1844:
1842:
1839:
1837:
1834:
1832:
1829:
1827:
1824:
1823:
1821:
1817:
1811:
1807:
1796:
1792:
1789:
1787:
1784:
1782:
1779:
1777:
1774:
1772:
1769:
1767:
1764:
1763:
1762:
1759:
1757:
1754:
1752:
1749:
1745:
1742:
1740:
1737:
1736:
1735:
1732:
1730:
1727:
1726:
1724:
1722:
1718:
1712:
1709:
1707:
1704:
1702:
1699:
1697:
1694:
1693:
1691:
1689:
1685:
1679:
1676:
1674:
1671:
1669:
1666:
1664:
1661:
1660:
1658:
1656:
1652:
1646:
1643:
1641:
1638:
1636:
1633:
1631:
1630:SoftEther VPN
1628:
1626:
1623:
1621:
1618:
1616:
1613:
1611:
1608:
1607:
1605:
1603:
1599:
1593:
1590:
1588:
1585:
1583:
1580:
1578:
1575:
1573:
1570:
1568:
1565:
1563:
1560:
1558:
1555:
1553:
1550:
1548:
1545:
1543:
1540:
1538:
1535:
1533:
1530:
1528:
1525:
1523:
1520:
1518:
1515:
1513:
1512:Bouncy Castle
1510:
1508:
1505:
1504:
1502:
1500:
1499:TLS & SSL
1496:
1490:
1487:
1485:
1482:
1480:
1477:
1475:
1472:
1470:
1467:
1465:
1462:
1460:
1457:
1456:
1454:
1452:
1448:
1442:
1439:
1437:
1434:
1432:
1429:
1427:
1424:
1422:
1419:
1417:
1414:
1412:
1409:
1407:
1404:
1403:
1401:
1399:
1395:
1392:
1390:
1389:communication
1384:
1378:
1375:
1373:
1370:
1368:
1365:
1363:
1360:
1358:
1355:
1353:
1350:
1347:
1343:
1340:
1338:
1335:
1333:
1330:
1328:
1325:
1323:
1320:
1319:
1317:
1315:
1314:Email clients
1311:
1307:
1300:
1295:
1293:
1288:
1286:
1281:
1280:
1277:
1267:
1257:
1251:
1248:
1246:
1245:DoD 5220.22-M
1243:
1241:
1238:
1236:
1235:File deletion
1233:
1231:
1230:Factory reset
1228:
1226:
1223:
1221:
1220:Data recovery
1218:
1216:
1213:
1212:
1209:
1205:
1198:
1193:
1191:
1186:
1184:
1179:
1178:
1175:
1168:
1165:
1163:
1159:
1155:
1151:
1148:
1146:
1142:
1139:
1137:
1134:
1131:
1127:
1124:
1123:
1119:
1112:
1108:
1105:
1099:
1097:
1093:
1088:
1082:
1079:
1074:
1068:
1065:
1060:
1054:
1051:
1046:
1040:
1037:
1026:on 2020-09-18
1022:
1015:
1014:
1006:
1003:
992:on 2020-07-22
988:
981:
974:
971:
963:
962:
954:
951:
946:
940:
937:
932:
931:
926:
920:
917:
912:
911:
906:
900:
897:
892:
891:
886:
880:
877:
871:
868:
855:
851:
845:
842:
831:on 2017-08-29
830:
826:
820:
817:
812:
806:
803:
798:
792:
789:
784:
778:
775:
762:
758:
752:
750:
748:
744:
741:
740:archive.today
737:
734:
728:
725:
719:
717:
715:
711:
708:
704:
698:
695:
692:
688:
685:
679:
676:
663:
659:
653:
650:
639:on 2011-07-22
635:
628:
621:
618:
612:
610:
608:
606:
604:
602:
600:
596:
593:
587:
585:
583:
581:
577:
565:
558:
555:
548:
544:
541:
539:
536:
534:
531:
529:
526:
524:
521:
519:
516:
514:
511:
509:
506:
504:
501:
499:
496:
494:
491:
490:
486:
484:
477:
475:
471:
469:
460:
458:
456:
452:
446:
444:
435:
432:
428:
424:
423:photodetector
420:
419:computer case
416:
413:
409:
405:
402:
398:
395:
394:Ross Ulbricht
391:
387:
383:
382:
381:
374:
372:
369:
365:
360:
353:
351:
349:
345:
341:
335:
332:
328:
323:
321:
317:
309:
307:
305:
300:
297:
289:
287:
285:
280:
276:
272:
263:
261:
259:
255:
251:
247:
243:
239:
235:
231:
223:
221:
216:
208:
206:
203:
199:
194:
192:
188:
184:
176:
174:
172:
166:
163:
162:Steganography
157:Steganography
156:
154:
152:
148:
143:
139:
135:
133:
129:
121:
119:
116:
115:steganography
111:
109:
105:
101:
94:
92:
90:
85:
80:
72:
70:
63:
61:
57:
55:
50:
44:
42:
40:
36:
32:
19:
2117:
1986:File systems
1896:Private Disk
1214:
1204:Data erasure
1081:
1067:
1053:
1039:
1028:. Retrieved
1021:the original
1012:
1005:
994:. Retrieved
987:the original
973:
960:
953:
939:
928:
919:
908:
899:
888:
879:
870:
858:. Retrieved
854:the original
844:
833:. Retrieved
829:the original
819:
805:
791:
777:
765:. Retrieved
761:the original
727:
702:
697:
678:
666:. Retrieved
662:the original
652:
641:. Retrieved
634:the original
620:
567:. Retrieved
557:
481:
472:
464:
447:
440:
378:
361:
357:
336:
324:
313:
301:
293:
267:
227:
218:
215:Data erasure
195:
180:
171:steganalysis
167:
160:
144:
140:
136:
125:
112:
98:
76:
67:
58:
51:
48:
34:
30:
29:
2101:Educational
1906:Sentry 2020
1851:DriveSentry
1771:Google Allo
1377:Thunderbird
1045:"Cold boot"
408:kill cables
202:slack space
183:slack space
104:Obfuscation
100:Data hiding
95:Data hiding
2227:Categories
2092:NordLocker
2036:Tahoe-LAFS
2026:Rubberhose
1966:RetroShare
1841:Cryptoloop
1836:CrossCrypt
1816:Comparison
1786:TextSecure
1744:ChatSecure
1706:RetroShare
1696:Bitmessage
1635:strongSwan
1421:ChatSecure
1332:Claws Mail
1322:Apple Mail
1030:2020-05-15
996:2020-05-15
885:"USBGuard"
835:2020-05-15
767:11 January
668:11 January
643:2010-06-02
569:2019-09-06
513:Encryption
296:degaussing
213:See also:
198:Metasploit
187:bad blocks
132:encryption
122:Encryption
108:encryption
45:Definition
1933:Anonymity
1923:VeraCrypt
1911:TrueCrypt
1901:Scramdisk
1866:FileVault
1831:BitLocker
1826:BestCrypt
1739:Cryptocat
1645:WireGuard
1547:MatrixSSL
1517:BoringSSL
1479:SecureCRT
1441:Profanity
1416:Centericq
1327:Autocrypt
468:espionage
406:Hardware
390:Silk Road
368:integrity
89:espionage
2202:Category
2108:CrypTool
2082:Tresorit
2011:eCryptfs
1971:Ricochet
1871:FreeOTFE
1861:eCryptfs
1846:dm-crypt
1791:WhatsApp
1668:Linphone
1620:Openswan
1587:TeamNote
1572:SChannel
1562:mbed TLS
1542:LibreSSL
1527:cryptlib
1459:Dropbear
1372:Sylpheed
1337:Enigmail
1107:Archived
736:Archived
687:Archived
487:See also
453:founder
451:Qubes OS
375:Physical
331:metadata
316:spoofing
252:and the
2212:Commons
2131:BusKill
2126:USBKill
2077:Freenet
1961:Vidalia
1916:History
1891:PGPDisk
1797:SimpleX
1756:Session
1751:Proteus
1625:OpenVPN
1615:Hamachi
1592:wolfSSL
1582:stunnel
1557:OpenSSL
1489:wolfSSH
1469:OpenSSH
1411:BitlBee
1357:Outlook
1352:Kontact
1346:Gpg4win
1152:at the
1128:at the
528:Keyfile
508:Degauss
437:though.
412:BusKill
386:USBKill
147:keyfile
2184:S/MIME
2031:StegFS
1941:GNUnet
1781:Signal
1729:Matrix
1577:SSLeay
1532:GnuTLS
1484:WinSCP
1436:Kopete
1387:Secure
930:GitHub
910:GitHub
890:GitHub
860:15 May
364:Hashes
342:), a (
284:hdparm
271:BCWipe
2087:Wuala
2061:Qubes
2056:Tails
2001:EncFS
1976:Wickr
1734:OMEMO
1701:Briar
1678:Zfone
1663:Jitsi
1567:BSAFE
1522:Botan
1474:PuTTY
1431:Jitsi
1426:climm
1406:Adium
1024:(PDF)
1017:(PDF)
990:(PDF)
983:(PDF)
965:(PDF)
637:(PDF)
630:(PDF)
503:DECAF
410:like
294:Disk
275:shred
2021:PEFS
2016:LUKS
1991:List
1886:LUKS
1881:geli
1876:GBDE
1673:Jami
1655:ZRTP
1640:Tinc
1537:JSSE
1145:DBLP
862:2020
769:2016
670:2016
344:.doc
340:.jpg
304:NIST
277:and
250:NIST
238:DBAN
106:and
2006:EFS
1956:Tor
1946:I2P
1856:E4M
1721:DRA
1711:Tox
1688:P2P
1602:VPN
1552:NSS
1464:lsh
1451:SSH
1398:OTR
1367:PGP
1362:p≡p
1342:GPG
1158:doi
1143:at
279:srm
258:ATA
254:NSA
242:srm
193:."
33:or
2229::
1095:^
927:.
907:.
887:.
746:^
713:^
598:^
579:^
457:.
318:,
244:,
240:,
41:.
1993:)
1989:(
1818:)
1814:(
1348:)
1344:(
1298:e
1291:t
1284:v
1196:e
1189:t
1182:v
1160::
1089:.
1075:.
1061:.
1047:.
1033:.
999:.
947:.
864:.
838:.
813:.
771:.
672:.
646:.
572:.
433:.
338:(
20:)
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.