"Gregh" <[EMAIL PROTECTED]> writes: > ----- Original Message ----- > From: "Maarten" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Tuesday, July 13, 2004 7:23 AM > Subject: Re: [Full-Disclosure] Erasing a hard disk easily > > >> >> An overwrite with all zeros will -allegedly- not withstand a serious >> data-recovery attempt by professionals, not even when repeated. > > I know you stated "allegedly" but this subject interests me. Many years ago, > a good friend of mine who had been in to pirating and suddenly realised he > could end up behind bars if he was ever caught got the shakes thinking about > it. He deleted it all and I let him know that wasn't good enough. He got > hold of a simple basic program that kept looping until the disk was full, > writing a line of 80 of the number "8" to the disk making one file that got > bigger and bigger until, ultimately, it filled the disk. Once filled, it > would close the file and all you had to do was boot into DOS and delete it > and the space was free once more all overwritten with the number "8" > wherever you looked with a sector editor.
See "Secure Deletion of Data from Magnetic and Solid-State Memory" at http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html If it's sensitive, it often gets physically destroyed. If it's not, "wipe -k /dev/hda" will do, from a Knoppix prompt, with whatever parameters you feel appropriate. from 'man wipe': "Recovery of supposedly erased data from magnetic media is easier than what many people would like to believe. A technique called Magnetic Force Microscopy (MFM) allows any moderately funded opponent to recover the last two or three layers of data written to disk; wipe repeadetly over- writes special patterns to the files to be destroyed, using the fsync() call and/or the O_SYNC bit to force disk access. In normal mode, 34 patterns are used (of which 8 are random). These patterns were recommended in an article from Peter Gutmann [email elided] entitled "Secure Deletion of Data from Magnetic and Solid-State Memory". A quick mode allows you to use only 4 passes with random patterns, which is of course much less secure." ISTR that 'moderately funded' is in the order of 10K USD, but unfortunately I don't get to play with those kinds of toys. cheers, Jamie -- James Riden / [EMAIL PROTECTED] / Systems Security Engineer Information Technology Services, Massey University, NZ. GPG public key available at: http://www.massey.ac.nz/~jriden/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
