At 09:50 AM 7/18/00 -0400, Fisher Mark wrote:
>David Honig writes:
>>You want to overwrite a dozen times with random (each time) data.
>
>I'd be cautious about saying that. Way back when I held a security
>clearance, the instructions were:
>* Overwrite with patterns 99 times for SECRET materials; and
>* Overwrite with patterns 999 times for TOP SECRET materials.
Hmm. I thought I remembered the ~dozen from some FIPS spec, but
I could be wrong. The more the merrier.
>As the forensic technology has undoubtedly improved in the past 20 years, I
>strongly doubt that "a dozen times" would be anywhere close to obscuring all
>evidence of the data. You're much better off physically destroying the disk
>by melting it or somesuch.
Yes but someone wanting to overwrite data may not be in a position
to destroy the medium. E.g., its your working machine's hard drive.
>If you don't have the option of physically destroying the disk, writing
>random data for a few hours ought to get you on the way towards making your
>original data unrecoverable. (Note that I said "on the way"!)
Now there's a good use of the idle cycles on a secure machine: the wiping
daemon.
