In a message dated 2/11/2008 3:00:22 A.M. Central Standard Time, [EMAIL PROTECTED] writes: >Unless I missed a part of the discussion, all statements that overwriting once is not good enough, were based on rumours, assumptions, theoretical possibilities and negative evidence (data is suggested to be readable until proven otherwise). If my video store says a video is not available and another store can deliver it, does this prove that all video stores that say a video is not available are lying? Is there some report, investigation, official statement to *prove* that overwriting once is not good enough? I am reminded of the epsilon-delta process that I learned in first semester college calculus. "Good enough" for what? You supply me with the "for what" and I'll provide you with the "good enough." If the "for what" is that you want to sell a data erasure product to the United States Department of Defense, then you must fulfill their minimum requirements, for which there might theoretically be no provable basis in fact or experiment, but yet they published a requirement that said disk tracks must be overwritten six times in a row with specifically described, differing bit patterns. If you think that once is good enough, that may be ok for your needs, but you will not sell your erasure product to the DoD. The scientific explanation for what is going on at the atomic level is that when you record a "one" bit on a disk track you do not really write an entity called a "bit" on the track. You magnetize several billion atoms of iron and align them in a certain direction. When you read this bit back, the electronic mechanisms are designed to detect many kinds of errors in reading. One such error is that there is a "weak" signal (not strong enough for the electronics to call it a "one" or a "zero"). What should the electronics do in such a situation? One answer is to re-read the bit. Another is to move the read-write mechanism/transducer laterally an extremely small distance (called head shaking) and retry the read. The farther you move the read/write head away from the theoretical center of where the disk track is supposed to be, the more likely you are to detect magnetized alignment in some of the billions of atoms involved in storing a bit in the immediately adjacent track. Whenever you overwrite a bit, you remagnetize and realign the billions of atoms. But you can never realign 100 percent of them. There will always be a few that do not get realigned properly. The idea behind overwriting many times is that if you have sensitive enough equipment, you can theoretically filter out the 99% of the atoms that are correctly aligned and read only the 1% that are "wrong". This may give you a clue as to what was previously written in that bit's location. If the value of the data is X dollars to your enterprise but 100 times X to your competition (or national enemy), then you need to spend a lot more than X dollars to make sure that your competition cannot read that data. The enemy may be willing to spend 50 times X dollars in research to build the world's most sensitive detector of magnetized atoms of iron or an extremely powerful microscope. Here is one Internet commentary on this subject: _http://www.nber.org/sys-admin/overwritten-data-guttman.html_ (http://www.nber.org/sys-admin/overwritten-data-guttman.html) He refutes the idea that overwritten data can be recovered by any method other than with a microscope. I would suggest that he did not have a Top Secret Compartmentalized clearance for this subject, and thus did not have access to the latest and greatest technology used by the National Security Agency, Central Intelligence Agency, and who knows what other black budget groups of the US government. Such information is not to be found in the public domain. They obviously know the answer, but they aren't telling. Since I don't have this kind of clearance either, I don't know for a fact what these agencies can do. But I did find the DoD's requirement in the public domain, and they want 6 successive overwrites of each track. That is their definition of "good enough." Here is more information: _http://www.forensicswiki.org/wiki/Recovering_Overwritten_Data_ (http://www.forensicswiki.org/wiki/Recovering_Overwritten_Data) Here are some comments lifted from a blog: (1) "while it may be possible to remove data in layers and recover older data that was in its space before, no commercial data recovery company offers this service. (The german computer magazin c't tried to get data recoverd that was overwritten once some time ago. All data-recovery outfits they contacted said they could not do this.) It might be impossible to actually do this, e.g. because the overwritten signal is too close to the noise-level. It used to be possible with older HDD technology, that did not use the magnetic coating to its limits. It is likely possible with floppy disks." (2) "As the data is overwritten once with any disk-fill software, like a drive write test, it becomes pretty much noise added to the latest signal, and as noise, cannot be reliably separated from the signal to become another decodable signal." (3)"> I think all those scares about overwritten data recovery are just > old wives tales to support "data erasure" software sales, repeated > many times by such illiterate paranoid folks as Dvorak of PC mag.
Doesnt explain the DOD standards for wiping and the obsession with melting drives that are being disposed of. You can however certainly claim that thats just an ultra safe approach which should ensure that the data cant be retrieved, and not saying anything useful about how retrievable it is without that." (4) "For current HDDs, I think you are perfectly correct. For older HDDs (several years), floppy disks, some tape variants, recovery of overwritten data may be possible, since they use only part of the available area (differences in positioning od different writes) and part of the available "channel" (s/n ratio, Shannon)." All 4 were from _http://www.tomshardware.com/forum/138943-32-forensic-recovery_ (http://www.tomshardware.com/forum/138943-32-forensic-recovery) ) Bill Fairchild Rocket Software **************Biggest Grammy Award surprises of all time on AOL Music. (http://music.aol.com/grammys/pictures/never-won-a-grammy?NCID=aolcmp003000000025 48) ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
