| TL;DR The authors egregiously diminish legitimate attack vectors that require only the recovery of a priori known data. The authors dismiss the security value of wiping a hard disk, based on their thesis that weakly-deleted data cannot be recovered without a priori knowledge of that data's content. They argue the requirement of a priori knowledge of the data to recover negates the security risk of said recovery; this--they argue--reduces the threat model to more of an academic exercise. What the authors totally neglect, however, is the security risk of confirmation: the risk that an attacker might confirm that the target hard disk did, indeed, store certain data, where the content of that data is known a priori. Example:
Say I have obtained a trove of private incriminating documents associated with some anonymous person, X. I suspect, but don't know, that X is my target, Bob. I would like to prove that Bob is X, and X is Bob, so that I can definitively pin X's crimes on Bob.
Say X uses some electronic signature to authenticate his original work as his own. If Bob is X, I should expect Bob's hard disks contain a statistically aberrant abundance of copies of X's signature. Thus, to pin X's crimes on Bob, if Bob is indeed X, it is sufficient to recover data from Bob's hard disk--data of which I have complete knowledge a priori--namely, X's digital signature. While I take no issue with the facts, I find the author's conclusions reckless. It seems in their haste to "bust the myth," they extend their result beyond its valid range of application. What could have been a useful clarification on the low risk of _unknown_ data recovery has become a wild and dangerous generalization, 'debunking' best practices. |