On Mon, Sep 19, 2011 at 12:21:19PM -0400, Lee Winter wrote: > On Mon, Sep 19, 2011 at 10:27 AM, Aaron Toponce <aaron.toponce@gmail.com> wrote: > > Have anything to back that up? If you're using drives that used the old MFM > > or RLL encoding schemes, and had massive space for bits per linear inch, > > then sure, but on today's drives, with perpindicular encoding, and the > > extremely dense bit capacity, going more than once is silly. > > That conclusion is not valid. Show me otherwise. > All such analysis is sensitive to the value of the data. If you are > going up against a serious adversary, colloquially known as "National > Technical Means", then no amount of overwriting is secure. FUD. Prove it. Show something that backs up your claim, because logic is against you. > If you are going up against an ordinary thief of the machine or drive, > then a single overwrite is sufficient. In fact there is no need to > overwrite the entire drive when the meta-data of directories, inodes, > journals, etc. is a small fraction of the entire drive. > > I perform this service for commercial recyclers. In addition to > scrubbing techniques, some need to damage the drive by rendering it > non-functional (with a hammer or a drill). Some need to destroy the > drive, usually by shredding. Some need to destroy the recording > medium, for which incineration tends to be the least expensive. > > For high security situations a combination of scrubbing and physical > measures are recommended. For example, unscrubbed media that has been > finely shredded can still offer recoverable data because the high > density of the recording means that a very small shred may contain > many intact sectors of data. Nope. On older drives, there was a "jitter" that caused the bit to not be written in exactly the same spot. So, overwritting by only a single pass, left some of that jitter behind. Using a magnetic microscope, you could "view" the jitter, as will as the current data, and determine what the overwritten data was. Thus, the Gutmann Method. > >> 'shred' does delete data several times. We hardly are able to recover > >> data that one time really was deleted at home, but CSI is able to do > >> this > > > > [citation needed] > > > >> and I'm not talking about the trash that is produced by Jerry > >> Bruckheimer. There e.g. are real methods with lasers that make it > >> possible to recover magnetic data from sledgehammer deformed HDDs and > >> even a private person legally just need to pay some k of Euros to a > >> company and can benefit from those methods. OTOH nobody is able to > >> factorise primes, it would take 20 or 30 years to crack openPGP with a > >> super computer, but if there should be delicate data on your HDDs, that > >> isn't encrypted, note, it just takes some seconds to open the door of > >> your flat and to get your HDD that's still in use. > > > > You may want to read this, as well as the references the article links to: > > > > http://goo.gl/5QG4U > > > > Claiming that you can recover data after a single pass of zeros on today's > > spinning platters is urban legend. > > No. Yes. > Consider that those organizations able to recover after a single pass > with known mask pattern have a negative incentive to advertise their > abilities. [citation needed] > One pass scrubbing, even with a variable mask pattern driven by a TRNG > rather than a PRNG, is ineffective because the write activity hands > the adversary a complete copy of the mask pattern. A second pass to > obscure the mask pattern is strongly recommended. > > > I guess if you like wasting your time, > > go for it. I've got better things to do than do several passes on a 2TB > > SATA disk, running at 30MBps, and I can sleep at night knowing that no one > > will get access to the data. > > Why do you care how long it takes? Stick the drive in in a spare, > low-end machine and let it hum for as long as it takes. Because I only have so many drive bays, and they get used for much more important things than wasting time erasing magic pixie dust. -- . o . o . o . . o o . . . o . . . o . o o o . o . o o . . o o o o . o . . o o o o . o o o
Attachment:
signature.asc
Description: Digital signature