Re: [backstage] The BBC as sheep... and irresponsible ones too

2009-02-27 Thread Phil Lewis
On Thu, 2009-02-26 at 14:59 +, David Greaves wrote:
> Err, that would be the point...
>
> And given that your plot would even work, how many spods on eBay have access to
> a magnetic force microscope?
>
> Obviously the word spods includes BBC reporters (note, not journalist)
> incapable of entering
>   wiped disc recovery scanning electron paper
> into Google and getting as the second hit:
>   http://sansforensics.wordpress.com/2009/01/15/overwriting-hard-drive-data/
>
> Which makes a mockery of the whole thing (as do any number of other references
> that are not obtained from companies making a living from BS).

Then there is the paper (read the epilogue especially) which debunks
this above-linked article, by the author (Peter Gutmann) on whose
out-of-date material they based it!!

It was published in 1996 and the epilogue was written this year as a
strong rebuttal to the sansforensics article.

http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html

Well worth a read and very insightful...

--
Phil Lewis

> For the lazy:
>   The forensic recovery of data using electron microscopy is infeasible.
> David


-
Sent via the backstage.bbc.co.uk discussion group.  To unsubscribe, please 
visit http://backstage.bbc.co.uk/archives/2005/01/mailing_list.html.  
Unofficial list archive: http://www.mail-archive.com/backstage@lists.bbc.co.uk/


Re: [backstage] The BBC as sheep... and irresponsible ones too

2009-02-27 Thread Richard Lockwood
Can I just point out that I *didn't* write that.  That was David's comment.

Thanks,

R.

On Thu, Feb 26, 2009 at 1:13 AM, Mr I Forrester mail...@cubicgarden.com wrote:
>> Richard Lockwood wrote:
>> In this day and age it *is* important to teach people about electronic security.
>>
>> This story completely fails to do so.


Re: [backstage] The BBC as sheep... and irresponsible ones too

2009-02-26 Thread David Greaves
Mr I Forrester wrote:
>> Richard Lockwood wrote:

Actually I wrote:
>> In this day and age it *is* important to teach people about electronic security.
>>
>> This story completely fails to do so.

:)


> There is something you could argue the BBC should be doing around this.
> There was a suggestion that Webwise 2.0 could be perfect for this...

It has the potential to add more detail than you would want in a story.

This:
  http://www.bbc.co.uk/webwise/askbruce/articles/security/cleandrive_1.shtml
is a step in the right direction.

David


-- 
Don't worry, you'll be fine; I saw it work in a cartoon once...


Re: [backstage] The BBC as sheep... and irresponsible ones too

2009-02-26 Thread Robert (Jamie) Munro
David Greaves wrote:
> So here we are, a month after Which? gave out the same dumb advice the BBC follows:
>
>   http://news.bbc.co.uk/newsbeat/hi/technology/newsid_791/7910045.stm
>
> Sensationalist pillock :)
>
> I can't wait for someone to be seriously hurt trying to drill through a hard drive.
>
> FWIW:
>   http://16systems.com/zero/index.html

I'm not an expert, but from my understanding of the theory, that
challenge isn't offering anything like enough money. $500 is less than
recovery companies charge for a normal recovery. I would have thought at
least $10,000 is more like what you would need to offer, maybe more.

You'd need something like a magnetic force microscope, and you'd need to
read the disk at many times higher resolution than the data was
initially recorded on it, so you'd need a large RAID array or something
to store your intermediate data. And it would probably take many days to
read.

Once you've read the drive, you'll probably need to go through several
rounds of writing some test data onto it and reading it again in order to
work out the pattern that the drive writes its data in. Each of these
will require even more massive amounts of time and storage. I suppose
you may be able to skip this if you have sufficient documentation from
the drive manufacturer, but I doubt it.

Robert (Jamie) Munro





Re: [backstage] The BBC as sheep... and irresponsible ones too

2009-02-26 Thread David Greaves
Robert (Jamie) Munro wrote:
> David Greaves wrote:
>> So here we are, a month after Which? gave out the same dumb advice the BBC follows:
>>
>>   http://news.bbc.co.uk/newsbeat/hi/technology/newsid_791/7910045.stm
>>
>> Sensationalist pillock :)
>>
>> I can't wait for someone to be seriously hurt trying to drill through a hard drive.
>>
>> FWIW:
>>   http://16systems.com/zero/index.html
>
> I'm not an expert, but from my understanding of the theory, that
> challenge isn't offering anything like enough money. $500 is less than
> recovery companies charge for a normal recovery. I would have thought at
> least $10,000 is more like what you would need to offer, maybe more.

Ah, you didn't allow for the value of the coveted title...
  King (or Queen) of Data Recovery

> You'd need something like a magnetic force microscope,
snip plot worthy of MacGyver...

Err, that would be the point...

And given that your plot would even work, how many spods on eBay have access to
a magnetic force microscope?

Obviously the word spods includes BBC reporters (note, not journalist)
incapable of entering
  wiped disc recovery scanning electron paper
into Google and getting as the second hit:
  http://sansforensics.wordpress.com/2009/01/15/overwriting-hard-drive-data/

Which makes a mockery of the whole thing (as do any number of other references
that are not obtained from companies making a living from BS).

For the lazy:
  The forensic recovery of data using electron microscopy is infeasible.

David


-- 
Don't worry, you'll be fine; I saw it work in a cartoon once...


Re: [backstage] The BBC as sheep... and irresponsible ones too

2009-02-25 Thread Matt Jones
On Wed, Feb 25, 2009 at 5:41 PM, David Greaves da...@dgreaves.com wrote:
> So here we are, a month after Which? gave out the same dumb advice the BBC follows:
>
>  http://news.bbc.co.uk/newsbeat/hi/technology/newsid_791/7910045.stm
>
> Sensationalist pillock :)
>
> I can't wait for someone to be seriously hurt trying to drill through a hard drive.
>
> FWIW:
>  http://16systems.com/zero/index.html
>
> David
>
> --
> Don't worry, you'll be fine; I saw it work in a cartoon once...
> -
> Sent via the backstage.bbc.co.uk discussion group.  To unsubscribe, please
> visit http://backstage.bbc.co.uk/archives/2005/01/mailing_list.html.
> Unofficial list archive: http://www.mail-archive.com/backstage@lists.bbc.co.uk/


Waiting for the first legal claim in 5-4-3

M.



Re: [backstage] The BBC as sheep... and irresponsible ones too

2009-02-25 Thread Sean DALY
back in the day, before a recording session we would degauss the reels
with a magic wand degausser, on the understanding that doing so to a
master tape would mean a fate worse than death.

I still have a little one somewhere which I would use on quarter-inch
reels, I wonder if that would work on a sealed hard drive?




On Wed, Feb 25, 2009 at 7:00 PM, Matt Jones m...@mattjones.me.uk wrote:
> On Wed, Feb 25, 2009 at 5:41 PM, David Greaves da...@dgreaves.com wrote:
>> So here we are, a month after Which? gave out the same dumb advice the BBC follows:
>>
>>  http://news.bbc.co.uk/newsbeat/hi/technology/newsid_791/7910045.stm
>>
>> Sensationalist pillock :)
>>
>> I can't wait for someone to be seriously hurt trying to drill through a hard drive.
>>
>> FWIW:
>>  http://16systems.com/zero/index.html
>>
>> David
>>
>> --
>> Don't worry, you'll be fine; I saw it work in a cartoon once...
>> -
>> Sent via the backstage.bbc.co.uk discussion group.  To unsubscribe, please
>> visit http://backstage.bbc.co.uk/archives/2005/01/mailing_list.html.
>> Unofficial list archive: http://www.mail-archive.com/backstage@lists.bbc.co.uk/
>
>
> Waiting for the first legal claim in 5-4-3
>
> M.
>
> -
> Sent via the backstage.bbc.co.uk discussion group.  To unsubscribe, please
> visit http://backstage.bbc.co.uk/archives/2005/01/mailing_list.html.
> Unofficial list archive: http://www.mail-archive.com/backstage@lists.bbc.co.uk/




Re: [backstage] The BBC as sheep... and irresponsible ones too

2009-02-25 Thread vijay chopra
There's only one way to be sure:

http://www.youtube.com/watch?v=sQYPCPB1g3o


2009/2/25 David Greaves da...@dgreaves.com

> So here we are, a month after Which? gave out the same dumb advice the BBC
> follows:
>
>  http://news.bbc.co.uk/newsbeat/hi/technology/newsid_791/7910045.stm
>
> Sensationalist pillock :)
>
> I can't wait for someone to be seriously hurt trying to drill through a
> hard drive.
>
> FWIW:
>  http://16systems.com/zero/index.html
>
> David
>
> --
> Don't worry, you'll be fine; I saw it work in a cartoon once...
> -
> Sent via the backstage.bbc.co.uk discussion group.  To unsubscribe, please
> visit http://backstage.bbc.co.uk/archives/2005/01/mailing_list.html.
> Unofficial list archive: http://www.mail-archive.com/backstage@lists.bbc.co.uk/



Re: [backstage] The BBC as sheep... and irresponsible ones too

2009-02-25 Thread Richard Lockwood
Um - what are you suggesting as an alternative?  Alright, even with a
hole drilled through it, it's still possible to get some data back -
the tinier bits you can smash your drive into, the less chance there
is of anyone getting the data back in any meaningful form.

It's more a question of who would WANT to spend the hours putting a
drive back together just to get access to your £500 overdraft
facility - ie a question of trouble / worth.

Me, I reformat them, smash 'em up with a lump hammer and stick 'em in
the general metal recycling at the local recycling centre, on the
basis that it's more trouble than it's worth to get data back, just to
get my bank details, or my Second Life password.

Where's your problem?

R.

On Wed, Feb 25, 2009 at 5:41 PM, David Greaves da...@dgreaves.com wrote:
> So here we are, a month after Which? gave out the same dumb advice the BBC follows:
>
>  http://news.bbc.co.uk/newsbeat/hi/technology/newsid_791/7910045.stm
>
> Sensationalist pillock :)
>
> I can't wait for someone to be seriously hurt trying to drill through a hard drive.
>
> FWIW:
>  http://16systems.com/zero/index.html
>
> David
>
> --
> Don't worry, you'll be fine; I saw it work in a cartoon once...
> -
> Sent via the backstage.bbc.co.uk discussion group.  To unsubscribe, please
> visit http://backstage.bbc.co.uk/archives/2005/01/mailing_list.html.
> Unofficial list archive: http://www.mail-archive.com/backstage@lists.bbc.co.uk/




Re: [backstage] The BBC as sheep... and irresponsible ones too

2009-02-25 Thread David Greaves
Richard Lockwood wrote:
> Um - what are you suggesting as an alternative?

Read the 2nd URL.

In this day and age it *is* important to teach people about electronic security.

This story completely fails to do so.

Excerpt from that URL:
  Legitimate data recovery firms know that recovering data from a zeroed hard
drive is impossible. They will not take the challenge. Lastly, it is noble and
just to dispel myths, falsehoods and untruths.

Whilst it is true that someone with a scanning electron microscope or the
ability to build a HDD and the associated electronics by hand could
theoretically recover some data from a wiped disk I think (as you do) it's
reasonable to assume that a crook buying HDDs on eBay isn't likely to be
operating at this level.

I actually applaud the BBC/Which? research that found these un-deleted disks and
I grant you that most people are not capable of deleting files properly and need
to be educated. However, by promoting myths the problem is made worse. A far
better approach would have been to recommend any one of the numerous 'disk
wipers' such as:
  http://www.dban.org/about

There are charitable organisations all over the world who can reuse IT equipment
and despite caveats the BBC are promoting waste and pollution - the junk will be
put in the council bins and go to landfill - not be disposed of properly.

> It's more a question of who would WANT to spend the hours putting a
> drive back together just to get access to your £500 overdraft
> facility - ie a question of trouble / worth.

Agreed, but as the report showed - destroying them is *hard* and dangerous.
Simply erasing them is cheap and a lot safer!

*AND* you can donate them to charity.

> Me, I reformat them,

And this is the flaw in your plan and the BBC's. Reformatting does not erase
data. The BBC completely failed to say:
 You may think that reformatting works - you really need to use a special disk
eraser such as dban - otherwise you could find your second hand sale costing you
more than you could imagine.

> Where's your problem?

I hope that answers you?


David

-- 
Don't worry, you'll be fine; I saw it work in a cartoon once...
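
An added example, not part of the original post: a toy disk image in Python contrasting a reformat, which rewrites only the filesystem metadata, with the zero-fill a disk eraser performs, followed by the read-back check that confirms the wipe. The image layout, sizes and function names are assumptions made for this illustration, and the sample data is constructed.

```python
import os
import tempfile

SECTOR = 512
META_SECTORS = 8       # assumed: leading sectors hold the "filesystem" tables
TOTAL_SECTORS = 2048   # 1 MiB toy image standing in for a drive
SECRET = b"sort-code 00-00-00 acct 00000000 (constructed sample)"

def make_image(path):
    """Create the image: metadata up front, one 'file' in the data area."""
    with open(path, "wb") as f:
        f.write(b"FSv1".ljust(META_SECTORS * SECTOR, b"\x01"))
        f.write(b"\x00" * ((TOTAL_SECTORS - META_SECTORS) * SECTOR))
        f.seek(100 * SECTOR)
        f.write(SECRET)

def quick_format(path):
    """Reformat: rewrite the metadata region only; data sectors are untouched."""
    with open(path, "r+b") as f:
        f.write(b"FSv1".ljust(META_SECTORS * SECTOR, b"\x00"))

def zero_fill(path, chunk=64 * SECTOR):
    """Overwrite every byte with zeros and force the writes to storage."""
    remaining = os.path.getsize(path)
    with open(path, "r+b") as f:
        while remaining > 0:
            n = min(chunk, remaining)
            f.write(b"\x00" * n)
            remaining -= n
        f.flush()
        os.fsync(f.fileno())

def residual_sectors(path):
    """Read the whole image back; return indexes of sectors that are not all zero."""
    dirty = []
    with open(path, "rb") as f:
        for idx in range(os.path.getsize(path) // SECTOR):
            if any(f.read(SECTOR)):
                dirty.append(idx)
    return dirty

def contains(path, needle):
    """True if the byte string is still present anywhere in the image."""
    with open(path, "rb") as f:
        return needle in f.read()

def demo():
    """Return (secret found?, dirty sectors) after a reformat and after a wipe."""
    fd, path = tempfile.mkstemp(suffix=".img")
    os.close(fd)
    try:
        make_image(path)
        quick_format(path)
        after_format = (contains(path, SECRET), residual_sectors(path))
        zero_fill(path)
        after_wipe = (contains(path, SECRET), residual_sectors(path))
        return after_format, after_wipe
    finally:
        os.remove(path)
```
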


Re: [backstage] The BBC as sheep... and irresponsible ones too

2009-02-25 Thread Richard Lockwood
When it boils down to it, you *can* retrieve old data from a zeroed
disc.  It's a case of "is it worth it?".

In the case of criminal investigations - maybe it is.

In the case of chasing your overdraft, probably not.

The problem with the BBC's story is that they fail to make this clear.

Cheers,

R.

On Wed, Feb 25, 2009 at 8:27 PM, David Greaves da...@dgreaves.com wrote:
> Richard Lockwood wrote:
>> Um - what are you suggesting as an alternative?
>
> Read the 2nd URL.
>
> In this day and age it *is* important to teach people about electronic security.
>
> This story completely fails to do so.
>
> Excerpt from that URL:
>   Legitimate data recovery firms know that recovering data from a zeroed hard
> drive is impossible. They will not take the challenge. Lastly, it is noble and
> just to dispel myths, falsehoods and untruths.
>
> Whilst it is true that someone with a scanning electron microscope or the
> ability to build a HDD and the associated electronics by hand could
> theoretically recover some data from a wiped disk I think (as you do) it's
> reasonable to assume that a crook buying HDDs on eBay isn't likely to be
> operating at this level.
>
> I actually applaud the BBC/Which? research that found these un-deleted disks and
> I grant you that most people are not capable of deleting files properly and need
> to be educated. However, by promoting myths the problem is made worse. A far
> better approach would have been to recommend any one of the numerous 'disk
> wipers' such as:
>   http://www.dban.org/about
>
> There are charitable organisations all over the world who can reuse IT equipment
> and despite caveats the BBC are promoting waste and pollution - the junk will be
> put in the council bins and go to landfill - not be disposed of properly.
>
>> It's more a question of who would WANT to spend the hours putting a
>> drive back together just to get access to your £500 overdraft
>> facility - ie a question of trouble / worth.
>
> Agreed, but as the report showed - destroying them is *hard* and dangerous.
> Simply erasing them is cheap and a lot safer!
>
> *AND* you can donate them to charity.
>
>> Me, I reformat them,
> And this is the flaw in your plan and the BBCs. Reformatting does not erase
> data. The BBC completely failed to say:
>  You may think that reformatting works - you really need to use a special disk
> eraser such as dban - otherwise you could find your second hand sale costing you
> more than you could imagine.
>
>> Where's your problem?
>
> I hope that answers you?
>
>
> David
>
> --
> Don't worry, you'll be fine; I saw it work in a cartoon once...
> -
> Sent via the backstage.bbc.co.uk discussion group.  To unsubscribe, please
> visit http://backstage.bbc.co.uk/archives/2005/01/mailing_list.html.
> Unofficial list archive: http://www.mail-archive.com/backstage@lists.bbc.co.uk/




Re: [backstage] The BBC as sheep... and irresponsible ones too

2009-02-25 Thread Tom Morris
On Wed, Feb 25, 2009 at 19:06, Richard Lockwood
richard.lockw...@gmail.com wrote:
> Me, I reformat them, smash 'em up with a lump hammer and stick 'em in
> the general metal recycling at the local recycling centre, on the
> basis that it's more trouble than it's worth to get data back, just to
> get my bank details, or my Second Life password.
>
> Where's your problem?

I had a laptop HDD die on me last year. I had to coax the Apple
Geniuses (specifically, the manager) to let me have my own hard drive
back after the repair. It's been formatted about four times, and now
it languishes in a folded-up, sealed electrostatic-resistant baggie.
I'll probably use it - bagged - as a paper-weight for a few years,
until whatever data might still be hidden within is of no continued
sensitivity. Then I'll chuck it out.

Does this make me paranoid?

I heard that when making Lord of the Rings, the producers loaded a
post-production working copy of the movie onto an iPod for them to
take to London for the composers and musicians to produce music to.
Person carrying it was damn close to getting the thing mugged. It's
almost like there aren't free and open source encryption tools...

-- 
Tom Morris
http://tommorris.org/


Re: [backstage] The BBC as sheep... and irresponsible ones too

2009-02-25 Thread Mr I Forrester
> Richard Lockwood wrote:
> In this day and age it *is* important to teach people about electronic security.
>
> This story completely fails to do so.


There is something you could argue the BBC should be doing around this.
There was a suggestion that Webwise 2.0 could be perfect for this...
