Phil Lewis wrote: > On Thu, 2009-02-26 at 14:59 +0000, David Greaves wrote: >> Err, that would be the point... >> >> And given that your plot would even work, how many spods on eBay have access >> to >> a magnetic force microscope? >> >> Obviously the word spods includes BBC reporters (note, not "journalist") >> incapable of entering >> "wiped disc recovery scanning electron paper" >> into Google and getting as the second hit: >> http://sansforensics.wordpress.com/2009/01/15/overwriting-hard-drive-data/ >> >> Which makes a mockery of the whole thing (as do any number of other >> references >> that are not obtained from companies making a living from BS). > > Then there is the paper (read the epilogue especially) which debunks > this above linked article by the Author (Peter Gutmann) on who's > out-of-date material they based it!! > > It was published in 1996 and the epilogue was written this year as a > strong rebuttal to the sansforensics article. > > http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html > > Well worth a read and very insightful...
I read this some time ago and actually that was the link I was looking for - sadly my search-fu let me down - thanks for sharing. My reading of the epilogue is that they don't debunk it so much as critique it. I think the main point of the sansforensics article is the statistical analysis: "Therefore, there is a chance of correctly choosing any bit in a selected byte (8-bits) – but this equates a probability around 0.9% (or less) with a small confidence interval either side for error." In any case the summary of the 'epilogue' is: "Any modern drive will most likely be a hopeless task, what with ultra-high densities and use of perpendicular recording I don't see how MFM would even get a usable image, and then the use of EPRML will mean that even if you could magically transfer some sort of image into a file, the ability to decode that to recover the original data would be quite challenging." ie: Even with super-advanced tech like MFM it is not feasible to recover data from a wiped drive - although secret squirrel level security people may be nuts enough to try. So I'm not sure how it classes as a "rebuttal" when the conclusion is the same? (Although I do agree that they disagree on the technique used to reach the conclusion). By all means get the reporter to attempt this technique - the paper does say: "Even for a relatively inexperienced user the time to start getting images of the data on a drive platter is about 5 minutes." *That* would be a fascinating story no matter what the outcome! Of course, finding an MFM that the owner will let you "have a go" on may be trickier... maybe the spods buying your drives on eBay know something we don't? Oh, my wife noticed the story is no longer linked to on the technology page - and they do tend to hang around normally. Maybe someone is paying attention :) David -- "Don't worry, you'll be fine; I saw it work in a cartoon once..." - Sent via the backstage.bbc.co.uk discussion group. To unsubscribe, please visit http://backstage.bbc.co.uk/archives/2005/01/mailing_list.html. Unofficial list archive: http://www.mail-archive.com/backstage@lists.bbc.co.uk/