
Re: Wiping hard drives - Re: debian-user-digest Digest V2011 #1704



All the back and forth. I say, if you want to be truly safe and if you have the means, give your old hard drive the same treatment as the Terminator in T2...

Other than that, let your security measures match your threat environment. If you have to worry about National Technical Means, then by all means, slag your drives. Most of us don't have to worry about that. An overwrite or two is sufficient.

--b

On Mon, Sep 19, 2011 at 6:07 PM, Aaron Toponce <aaron.toponce@gmail.com> wrote:
On Mon, Sep 19, 2011 at 12:21:19PM -0400, Lee Winter wrote:
> On Mon, Sep 19, 2011 at 10:27 AM, Aaron Toponce <aaron.toponce@gmail.com> wrote:
> > Have anything to back that up? If you're using drives that used the old MFM
> > or RLL encoding schemes, and had massive space for bits per linear inch,
> > then sure, but on today's drives, with perpendicular encoding, and the
> > extremely dense bit capacity, going more than once is silly.
>
> That conclusion is not valid.

Show me otherwise.

> All such analysis is sensitive to the value of the data.  If you are
> going up against a serious adversary, colloquially known as "National
> Technical Means", then no amount of overwriting is secure.

FUD. Prove it. Show something that backs up your claim, because logic is
against you.

> If you are going up against an ordinary thief of the machine or drive,
> then a single overwrite is sufficient.  In fact there is no need to
> overwrite the entire drive when the meta-data of directories, inodes,
> journals, etc. is a small fraction of the entire drive.
>
> I perform this service for commercial recyclers.  In addition to
> scrubbing techniques, some need to damage the drive by rendering it
> non-functional (with a hammer or a drill).  Some need to destroy the
> drive, usually by shredding.  Some need to destroy the recording
> medium, for which incineration tends to be the least expensive.
>
> For high security situations a combination of scrubbing and physical
> measures are recommended.  For example, unscrubbed media that has been
> finely shredded can still offer recoverable data because the high
> density of the recording means that a very small shred may contain
> many intact sectors of data.

Nope. On older drives, there was a "jitter" that caused the bit to not be
written in exactly the same spot. So, overwriting by only a single pass,
left some of that jitter behind. Using a magnetic microscope, you could
"view" the jitter, as well as the current data, and determine what the
overwritten data was. Thus, the Gutmann Method.

> >> 'shred' does delete data several times. We hardly are able to recover
> >> data that one time really was deleted at home, but CSI is able to do
> >> this
> >
> > [citation needed]
> >
> >> and I'm not talking about the trash that is produced by Jerry
> >> Bruckheimer. There e.g. are real methods with lasers that make it
> >> possible to recover magnetic data from sledgehammer deformed HDDs and
> >> even a private person legally just needs to pay some k of Euros to a
> >> company and can benefit from those methods. OTOH nobody is able to
> >> factorise primes, it would take 20 or 30 years to crack openPGP with a
> >> super computer, but if there should be delicate data on your HDDs, that
> >> isn't encrypted, note, it just takes some seconds to open the door of
> >> your flat and to get your HDD that's still in use.
> >
> > You may want to read this, as well as the references the article links to:
> >
> >    http://goo.gl/5QG4U
> >
> > Claiming that you can recover data after a single pass of zeros on today's
> > spinning platters is urban legend.
>
> No.

Yes.

> Consider that those organizations able to recover after a single pass
> with known mask pattern have a negative incentive to advertise their
> abilities.

[citation needed]

> One pass scrubbing, even with a variable mask pattern driven by a TRNG
> rather than a PRNG, is ineffective because the write activity hands
> the adversary a complete copy of the mask pattern.  A second pass to
> obscure the mask pattern is strongly recommended.
>
> > I guess if you like wasting your time,
> > go for it. I've got better things to do than do several passes on a 2TB
> > SATA disk, running at 30MBps, and I can sleep at night knowing that no one
> > will get access to the data.
>
> Why do you care how long it takes?  Stick the drive in a spare,
> low-end machine and let it hum for as long as it takes.

Because I only have so many drive bays, and they get used for much more
important things than wasting time erasing magic pixie dust.

--
. o .   o . o   . . o   o . .   . o .
. . o   . o o   o . o   . o o   . . o
o o o   . o .   . o o   o o .   o o o

