It does seem like it would be simpler and more reliable to use full disk encryption to encrypt the data before it's written, and just destroy the key if you want to nuke the data.
It does seem like it would be simpler and more reliable to use full disk encryption to encrypt the data before it's written, and just destroy the key if you want to nuke the data.
possiblylinux127@lemmy.zip 20 hours ago
That isn’t good enough for some very sensitive data
notabot@piefed.social 20 hours ago
Destroying the encryption key tends to be the only reliable way to put the data beyond use. Physical destruction techniques like the obe in the article have been tried before, and iften leave the data intact, just destroying the driver side of the chips. It's not easy to retrieve the data, but a sufficiently determined and resourced oppinent can do it.
Obviously, there's no reason not to do both, for added certainty, but if the encryption protocols used in proper FDE are compromised, we have a lot more to worry about.
possiblylinux127@lemmy.zip 14 hours ago
The US has shredders that turn paper into powder. That powder is then disposed to a secure location.