Lee Winter wrote:
[snip]
Yup, that's the one.
Please read the first paragraph of the section entitled "Epilogue" and
compare it to the summary I gave above in the last paragraph. It was
my intention that they mean the same thing.
In the section entitled "Further Epilogue" he goes on to describe the
hopelessness of trying to recover info from a modern drive. That
section is the target of my comments re the opinion of an expert who
states he does not know how to accomplish a certain task. There is
absolutely nothing wrong with his statement. There is everything wrong
with the reader misinterpreting his statement as evidence or proof
that the certain task is infeasible.
Case in point. A couple of years ago one of the major financial
companies (3rd I think) in NYC was concerned about reducing costs.
They run an IT-intensive operation so they recycle machines often.
That is expensive. But a 1-or-2-year-old HD is reasonably valuable.
So they wanted to recycle them rather than destroy them.
But they have _extremely_ valuable information on even their desktop
drives. Many contain customer information, so, as a fiduciary, any
preventable leakage would essentially put them out of business. Other
drives may contain strategic information either in the form of
documents or in transaction records. And of course the data-center
drives are even more valuable. What's all that information worth?
Many zeros. _Many_.
As an aside, shredding is a popular method of drive destruction. But
modern drive densities are so high that even a shred 0.01" square can
hold valuable data, so physical destruction alone is not sufficient.
That may have something to do with the fact that _internal_ gov't
standards allow only a very few kinds of physical destruction -- i.e.,
complete to the level of a minimum-sized magnetic domain of the
particular recording media. Think acid, thermite, grinding/abrasion,
etc.
Given the incredible value of the financial system data, how much is it
worth to recover it? The modern recovery process usually has two
distinct phases, one quite capital- and skill-intensive and one quite
ordinary. The first phase is to build a data recovery capability
(lab). That takes time, money, and skilled labor. The second phase is
operating the recovery lab, which is fairly cheap. It isn't very fast
though (meaning long latency, but not meaning low throughput).
Point is that once you have such a capability many unreasonable
possibilities become quite reasonable. And industrial espionage is a
thriving industry. Just who owns (or more importantly controls) the
recycling company that hauls away your machines/drives?
Have you ever taken a drive apart, replaced the drive electronics and
resold it? People do it all the time. And if the replacement happens
to be a much more sophisticated board, you can read lots of things that
the original drive electronics could not. If you open the sealed
module to get at (replace) the HDA you can do a great deal more. If
you have serious cash available, like $1e8, you can get a low-level
image of the platters with an STM and turn a computing cluster loose on
the image. That's just an (extremely) advanced form of OCR. Cf.
"palimpsest".
Point of this mini-rant is that it is very easy to underestimate
security threats. People should resist that tendency.
Disclaimer: I no longer participate in drive recycling, so I'm not
"selling" anything here. Just providing a word to the wise.
Lee Winter
NP Engineering
Nashua, New Hampshire

Well, it seems like we might agree on this one. My point is that, just
because an expert (or 'expert') says it is impossible to recover data
from a modern drive does not make it true. As Mr. Gutmann points out,
we only have the standards that are *published* by various governments,
and we all can agree that those published standards don't tell the
whole story, for various reasons.
Only the FBI and those who work for them know what they are *really*
capable of recovering from a wiped hard drive - most of their methods
and capabilities are certainly classified. The CIA probably has
similar methods, and I assume that other governments around the world
have theirs. The methods to destroy drives that contain classified
data are also most certainly classified, so a real expert in either
area would not be at liberty to say what they are.
However, it is just a guess, but I don't think that anyone here has
data on their drives that is so sensitive that it would require extreme
measures to destroy the data (e.g. destroy the drive). I would think
that, for most, a simple wipe would be sufficient, since most
individuals don't have access to an STM or the skills to use it.
Chris