On Thu, 09 Aug 2012 08:53:27 -0500 Dale <rdalek1...@gmail.com> wrote:
> Alex Schuster wrote: > > Dale writes: > > > >> I have seen where people use dd to do this sort of thing to. I > >> read somewhere that if you do a dd and put in all 1's, then all > >> 0's then back again that it is very hard to get any data back off > >> the drive. I think if you do it like over a dozen times, it is > >> deemed impossible to get anything back. I think that is the > >> Government standard of it's gone. > > There's no need for multiple passes of dd with different values. > > > > http://www.h-online.com/security/news/item/Secure-deletion-a-single-overwrite-will-do-it-739699.html > > > > Wonko > > > > > > > I wonder what some Government org like NSA would think about this? > Then again, they may want us to believe this so they can get stuff > back. ;-) ;-) > > That said, I always wondered how something can be there when it is > erased. On paper, I can see that because it made a physical change to > the paper but on magnetic media, it is magnetic not physical. It's quite simple once you understand how disks work. In textbooks we need to keep things simple, so we say things like "the magnetic particles are all aligned this way for a 0 and that way for a 1". This gets the concept across but it also let's people believe that bits on a disk are very much binary - like a light switch or a transistor they are either on or off. In practice, nothing could be further from the truth. With disk magnetic media, you aren't dealing with a single isolated thing (such as a chunk of disk that can only be one way), you are dealing with a very very large number of magnetic particles that go to make up one bit. It's how they average out that makes the drive think it's a 0 or a 1. It all works much like tape cassettes - the head has a little coil of wire in it and current flows through the coil. It passes near a magnetic field on the tape, and the current in the coil changes. Read the amount of change using fancy electronics, and voila! you have audio. In the case of disks, it's voila! you have a stream of bits. Disk drives can't afford to be almost right like audio tape though, they have to be exactly right so the drive has some amazing maths built into it for error-correction and redundancy. I believe something like 40% of the space containing raw data is pure error checking (so your 3T drive is actually 4.1T, but you will only ever get to use 3T) The trick is, when you overwrite an area of the disk, you don't erase everything, there are some traces left behind. Pencil and paper is a good analogy. Write something in pencil. Erase wit with a rubber eraser, and write something else in the same space. Now hold the paper up to the light and if you know how to look you can see the indents in the paper from the first thing you wrote. Train your eyes to ignore what's written there now and only look at dented paper with no lead marks, and you can read things quite clearly. James Bond was especially good at this but that's a movie so real life isn't *that* quick. Sekrit magic disk software does a very similar thing - it ignores the current data and looks for traces left behind from the last write, and the ones before that. This trick isn't universal of course. As drive technology advances and IBM figures out new ways to do it, they come up with ideas like using the _depth_ of the magnetic material too. Neat trick - you can double the data stored in the same surface area. With each technology advance, things change a lot, so the amount of reading backwards you can do is always changing and depends very much on exactly what drive you have. -- Alan McKinnon alan.mckin...@gmail.com
