Highest Voted 'storage' Questions - IT Security Stack Exchange

18

votes

2 answers

Secure wiping of EEPROM and flash memory

Older magnetic storage exhibited some data remanence, so a recommendation emerged to wipe data by overwriting it multiple times with varying patterns — the “Gutmann wipe”. More recent hard disk technology does not require such precautions. What are…

asked Jun 11 '13 at 19:09

Gilles 'SO- stop being evil'

50,912
13
120
179

17

votes

4 answers

Does Windows have a built-in password store?

What passwords are stored in Microsoft Windows? How can I know what password are saved in computer?

passwords windows storage windows-8

asked Jul 25 '14 at 00:22

user52633

171
1
1
3

16

votes

2 answers

Is it really secure to store API keys in environment variables?

This site says it is best to keep API keys in environment variable out of the code. And here Storing Credentials Securely You should take great care to ensure your credentials are stored securely. If someone obtains your api_key or an access_token…

key-management storage shared-hosting

asked Feb 01 '14 at 07:22

Chloe

1,668
3
15
30

14

votes

1 answer

Is a single pass enough when disposing of a HDD?

I am in the process of wiping a number of hard drives using DBAN. I always believed that a single pass makes the data near impossible to recover, but DBAN has a default of 3. Is it any more secure, and if so, is it worth the extra time required?

storage

asked Feb 15 '16 at 11:28

Terry

1,125
1
9
16

13

votes

3 answers

Why are drives overwritten three times when being disposed of?

I am looking at the secure disposal of old flash drives, and one of the standards I have come across says that they should be overwritten three times. Why is one time not enough? I assume doing the process three times is more expensive than doing it…

storage deletion destruction disposal

asked Oct 30 '14 at 13:15

Arlix

1,459
3
13
22

13

votes

2 answers

How could a system be zero-knowledge?

I'm actually interested about zero-knowledge storage system. Those system where the storage provider claims he can't have any access to the data stored. As far I know, the data are encrypted using a symmetric encryption system, such as AES or…

encryption storage

asked Aug 28 '14 at 12:05

user54607

11

votes

1 answer

Convenient Write Once Media to attach to a computer: A USB stick or device?

What is a convenient write once media to use with a Computer, preferably via the USB interface. I often see this use-case in several ways: I have a server whose logs need to be on a medium that cannot later be erased or changed by an adversary to…

storage local-storage

asked Aug 07 '15 at 17:17

curious_cat

1,013
1
11
18

11

votes

3 answers

How secure is Intel SSD Encryption?

Are there any known flaws in the full disk encryption on Intel 520 series SSD drives? Specifically, it seems these drives generate an internal AES key automatically, even when no password is set. But is the ATA password (also known as "BIOS HDD…

encryption aes storage

asked Sep 17 '12 at 13:43

LTR

213
1
2
5

11

votes

6 answers

It is safe to store photos and documents on skydrive / google cloud services?

I have over 20GB of photos and documents stored on my hard disk without a backup. I'm thinking about saving all of them in a cloud service such as Microsoft Skydrive or google cloud, but I'm wondering if it is really safe... I mean, can I trust…

cloud-computing backup storage

asked Apr 25 '12 at 13:30

Diogo

657
2
5
10

10

votes

5 answers

Storing CVC / CVV / CVV2 until payment is processed

I need to store the payment info of a transaction. We have a script that reads which transactions haven't yet been sent to our ERP (the business management software), to then send it. This script runs every several minutes. According to PCI DSS, I…

pci-dss credit-card storage

asked Jul 02 '14 at 19:59

leo0

103
1
1
4

10

votes

1 answer

Is the SD card write protection hard-wired or optional?

According to Wikipedia, the SD card reader recognizes if the little tab on the left of the SD card is in the "lock" position or not. Thus, a SD card reader can still write on the SD card even if the write protection is on by ignoring it. Is it true…

hardware integrity storage flash-memory

asked Mar 14 '14 at 08:51

Andalur

2,032
1
14
12

10

votes

1 answer

Are there any secure ways to store the secret key used in a TOTP scheme?

I'm writing a little webapp that demonstrates 2 factor authentication. I'm using the TOTP protocol as described in RFC 6238. In our scheme, we are storing, in addition to a b-crypted password hash for each user, a secret key, which is used to…

databases storage one-time-password

asked Mar 01 '14 at 06:41

Wug

293
3
8

9

votes

2 answers

WORM media types

Why types of media are Write Once Read Many (WORM) other than CD-R, and DVD-R, say, something in the 100GB range? Are there such devices? What would it take to read them? Are the devices like this that can do their one write, and all their reads…

hardware storage

asked Dec 10 '11 at 23:02

soandos

533
3
14

9

votes

4 answers

Where should a team store server credentials

Imagine we are working in a team of around 5 people. We all install new servers on a monthly base and need to find a better way of storing and sharing the server credentials (offline-location/webadress, root login, db login, ...) somewhere where the…

storage credentials

asked Oct 09 '14 at 05:20

Preexo

215
2
4

9

votes

5 answers

Where do I securely store application-specific symmetric key?

I am writing an application App1. This application uses SQLite database and I plan to encrypt it using AES256. For symmetric encryption I need a key, which I need to store somewhere. From a similar questions I have a few options, but none is…

encryption windows key-management aes storage

asked Mar 14 '13 at 15:12

oleksii

1,046
1
9
19

Questions tagged [storage]