Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!execu!sequoia!balkan!dogface!bei Newsgroups: comp.org.eff.talk Subject: Summary: the "Bad Backups" survey Message-ID: <5RwRs1w163w@dogface> Date: 17 Nov 90 09:12:51 GMT Organization: It's Only A Model Lines: 131 The votes are in on the question of whether, given old backups with information that you can't legally have on them, people would keep the tapes as is, or render the information inaccessible to anyone. All the votes received fell into the YES and MAYBE categories. YES votes came from: zane@ddsw1.mcs.com (Sameer Parekh) cs.utexas.edu!v7fs1!mvp (Mike Van Pelt) lance@wnss (Lance Spangler) Chris Siebenmann joe@zitt (Joe Zitt): johnsonr@spot.colorado.edu (Richard Johnson): The subject drew some response in the comp.org.eff.talk newsgroup, as in this message from karish@pangea.Stanford.EDU (Chuck Karish): [ complete message follows ] I'm following up on this subject rather than responding to the straw poll because I thiunk there are are interesting and relevant issues here that can't be summed up into 'YES' or 'NO'. My initial response to this question is that my responsibility is to see that the information in question isn't disseminated, not necessarily to remove all evidence that it was once available on line. Following this logic, I'd keep the backups secure, and keep a note with them to remind me that certain steps must be taken after a full restore (deletion of the offending data). It would be irresponsible for me to destroy the backups and risk significant harm to my business in the event of a data-loss disaster. In addition, I might be required by contract and, in some cases, by law to maintain certain records; in fact, I am working on two projects right now that have such requirements. To destroy backup tapes would reduce my assurance that the required records could be retrieved at any time. Nontheless, it might be the case in this situation and in the related situation where improperly-obtained copyrighted information is on tape that my approach would not stand up to a strict legal interpretation. I could wind up in a standoff with the rightful owner of the data in which neither of us would trust the other to safeguard his data, and the only solutions would be to destroy the tapes or to restore, sanitize, and re-archive the data. [ end of Chuck Karish's message ] and this from landon@Apple.COM (Landon Dyer): [ complete message follows ] As an additional prescription against disaster, encrypt the backups. This gives you: o Plausible deniability. "Gosh, sir, it looks like *all* of my backups are bad like this. Holy cow!" o The ability to stonewall. The interesting question is, are you required to reveal the key if your backups are siezed? Ah, but human memory can be _so_ frail.... [ end of Landon Dyer's message ] which drew this response from jgd@rsiatl.UUCP (John G. DeArmond) [ complete message follows ] I don't know why we spend so much time thinking up trite methods to skirt the law. The fact is that if reading a tape backup became an issue in court, and you had the data encrypted, the judge WOULD order you to reveal the password (I know from experience.), perhaps under seal. If you "forgot" the password, the judge would most likely allow you to reconsider your memory loss while sitting in jail on contempt. If you lie about it, you'll probably spend a LOT of time in jail thinking about perjury. When that issue came up in a case I was involved in, my attorney warned me that the WORST thing I could do would be to have a memory loss. We did keep the tapes secret but it was because we convinced the judge that we'd suffer irreprable harm if the contents were released to the other side and NOT because we tried to fool the court with juvenile tricks. BTW, I DID have to give the judge ALL involved passwords and they WERE kept from the other side. Since the law almost always looks at intent, the mere fact that a proprietary file is on a backup tape that is generally inaccessable to users is not incriminating. Inaccess coupled with the fact that you have made no illegal use of the data is adequate defense. Of course, if you have a handle like "Lord of Data Death" and enjoy cracking others' computers, you maybe should be paranoid and degauss the tapes BEFORE it becomes an issue. [ end of John DeArmond's message ] There was this from that Elder Statesman without CapsLock ;-), John F. Haugh II: [ complete message follows ] i've been stuck in exactly that predicament. someone posted a copy of the AT&T "yacc" sources and AT&T sent me a nasty note asking me to certify that i had removed all copies from the system. for some time after i had a copy of "yacc" source code laying around on old backup tapes. i am pretty sure it is all gone now, but i do check backup tapes and disks before i release them from my control for anything else that may not belong on them. [ end of John F. Haugh II's message ] and a pragmatic response from "J. Eric Townsend" : [ complete message follows ] I would save the tapes, but go through and delete the illegal material. I'd charge the person responsible for putting them there with the cost, if at all possible. [ end of "J. Eric Townsend"'s message ] In asking the question, I made it pretty black and white: Save the backups or not? The option of reading the tapes back in, wiping the offending info and writing everything else back out struck me as (1) an option everyone might not have, for disk space or other reasons, and (2) doubling the possibility of error in that information (on reading from and writing to the backup media.) It seems that I may have been splitting hairs in that assumption. Playing Devil's Advocate a bit more, I'd like to ask anyone who'd have kept the tapes intact how they would have demonstrated that the information would never be restored. As troublesome an undertaking as it would be, making a "clean" set of backups seems like the safest reaction. My thanks to everyone who responded! -- Bob Bob Izenberg (512) 346 7019 [ ] cs.utexas.edu!{kvue,balkan}!dogface!bei