Schneier on Security
A blog covering security and security technology.
« Burmese Government Seizing UN Hard Drives |
| Cheap Cell Phone Jammer »
October 9, 2007
Mesa Airlines Destroys Evidence
How not to delete evidence. First, do something bad. Then, try to delete the data files that prove it. Finally, blame it on adult content.
Hawaiian alleged Murnane -- who was placed on a 90-leave by Mesa's board last week -- deleted hundreds of pages of computer records that would have shown that Mesa misappropriated the Hawaiian information.
But Mesa says any deletion was not intentional and they have copies of the deleted files.
"He (Murnane) was cruising on adult Web sites," said Mesa attorney Max Blecher in a court hearing yesterday. Murnane was just trying to delete the porn sites, he said.
EDITED TO ADD (11/6): In the aftermath, the CFO got fired and Mesa got hit with an $80 million judgment. Ouch.
Posted on October 9, 2007 at 2:02 PM
• 14 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
I believe the Mesa file deletion happened after the court order requiring them to turn the data over. It's a crime.
I'm all for deleting browing history, cookies, etc, at regular intervals, and have my computer set up to do it automatically.
Actually, there are laws that require the maintenance of specific types of records for business and legal purposes.
So you can't delete some records at all.
For example, the Federal Government must backup and keep ALL emails, written documents, and electronic documents forever.
If you work for the Feds, you have no secrets on your computer.
There is also the issue of recovery. Good techs with the right tools and software can recover data at least as many as 10 to 20 generations back or more.
That is why file scrubber software often writes patterns over and over thousands of times to "clean" a hard disk. Usually bits of 1's and 0's in various patterns
Exactly how many layers that can really be recovered is dependant on the current state of the art technology.
The top of the line stuff is likely classified and in the hands of the government. The NSA, CIA, or the Military.
Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.