ADSM-L

Re: Can data be read from scratch tapes?

2006-06-05 19:03:49
Subject: Re: Can data be read from scratch tapes?
From: Remco Post <r.post AT SARA DOT NL>
To: ADSM-L AT VM.MARIST DOT EDU
Date: Tue, 6 Jun 2006 01:03:33 +0200
Andrew Raibeck wrote:
> That technote needs to be changed. Among other things, the title is
> misleading (read "false").
>
> The main ideas are:
>
> 1) Given enough time, money, tools, and other resources, data on any tape
> written by any product can be reverse-engineered. There is no such thing
> as 100% guaranteed data security, at least none that I am aware of; it is
> just a matter of degree. (OK, granted, if the tape is damaged, then it
> might not be readable... but even then, barring the utter destruction of
> the media, there are tools and other means of getting around the damage.)
>

Basically, if you want to ensure that data is not read from
decommissioned tapes, you'll have to physically destroy them. The current
state of technology is such that, given enough resources, data overwritten
fewer than 10 times could possibly be recovered. Even TSM encryption (be
it 56-bit DES or the newer 128-bit AES) can be hacked faster than
brute force. Given enough resources (enter NSA here, be more paranoid)
this is feasible.

So if you want to give any recommendations to anyone, it should be to
destroy the media, or have that be done by a trusted party. There are
even specs on physical destruction wrt its quality, e.g. how hard it is
to repair....

> 2) As one of my colleagues in development pointed out to me, the question
> shouldn't be "can the data be read?", because the answer is almost always
> "yes" (see #1 above). It's really a question of how easily the data can be
> interpreted, as addressed by the earlier responses to this thread.
>
> Andy Raibeck
> IBM Software Group
> Tivoli Storage Manager Client Development
> Internal Notes e-mail: Andrew Raibeck/Tucson/IBM@IBMUS
> Internet e-mail: storman AT us.ibm DOT com
>
> IBM Tivoli Storage Manager support web page:
> http://www-306.ibm.com/software/sysmgmt/products/support/IBMTivoliStorageManager.html
>
> The only dumb question is the one that goes unasked.
> The command line is your friend.
> "Good enough" is the enemy of excellence.
>
> "ADSM: Dist Stor Manager" <ADSM-L AT VM.MARIST DOT EDU> wrote on 2006-06-01
> 07:21:10:
>
>> Thanks for the responses I received on this question.  The link to
>> previous responses from Andy was very good in explaining the issues
>> to auditors.  I thought I would also share a tech note that was
>> provided to me through opening a pmr.
>>
>> Technote  # 1212293  Title *  TSM Ensures That Data On Tapes Are Secure.
>>
>> .
>> Solution * The customer is responsible for the physical security of the
>> tapes. But the following will explain why reading tapes written by TSM
>> is difficult, if not impossible, to be read by an outside application:
>> 1. First, if client encryption is enabled, 3rd party applications would
>> be prevented from simply reading the data off the tape since it is not
>> in its native form. Please note that you must save the encryption key
>> because once it is lost, no one can retrieve it, not even the TSM
>> development team.
>> 2. Second, TSM stores the data on the tape in a proprietary format. We
>> insert control information and metadata within the data stream that
>> prevents the data from being read from end to end in its native form.
>> 3. Third, without the TSM database, one would not be able to determine
>> the position of the data on the tape for objects. The data is not stored
>> as a filespace as some applications do.
>> Topic Security
>>
>> Brenda Collins
>> Storage Management
>> IBM Global Services
>>
>> Phone: 763-390-5627
>> E-Mail: collinbr AT us.ibm DOT com
>>


--
Met vriendelijke groeten,

Remco Post

SARA - Reken- en Netwerkdiensten                      http://www.sara.nl
High Performance Computing  Tel. +31 20 592 3000    Fax. +31 20 668 3167
PGP Key fingerprint = 6367 DFE9 5CBC 0737 7D16  B3F6 048A 02BF DC93 94EC

"I really didn't foresee the Internet. But then, neither did the
computer industry. Not that that tells us very much of course - the
computer industry didn't even foresee that the century was going to
end." -- Douglas Adams
