RE: [heise online UK] Secure deletion: a single overwrite will do it
On Mon, 19 Jan 2009, Stefan Kelm wrote: > ...it has to be overwritten completely, sector > by sector. Although this takes time, it costs nothing: the dd command in > any Linux distribution will do the job perfectly. Note quite perfectly, and not nearly as fast as the built-in option (see below). On Mon, 20 Jan 2009, Jason wrote: >I agree in general, although you still have to watch out for "reserve tracks" >(search on this page)."All hard disks have reserved sectors, which are >used automatically by the >drive logic if there is a defect in the media.": Yes the main areas you are referring to are known as the P-List (Primary Defects List – manufacture defect info that does not change) G-List (Grown Defects Lists – sector relocation table). You can only access the P-List with special commands and tools. However, you can wipe the G-List are if you do it outside of an OS (or a tool that can access the system area), since the OS knows nothing of these sectors. The easiest (possible the best because of speed) way to accomplish this in modern ATA hard drives (2001 forward) is with the built-in Secure Erase program. Conveniently placed there for us by Recording Research (CMRR) headed by Gordon Hughes, Associate Director of CMRR, USSD on the Secure Erase Initiative. ""At the ANSI T-13 Committee meeting in 2004, Gordon described the differences between block erase as described in government document DoD2550 and Secure Erase. Unlike block level erase Secure Erase also overwrites reassigned blocks and can be up to eight times faster (per CMRR tests). In addition the enhanced SE command qualifies for Federal Government secret data classification erasure."" You can download a DOS-based utility HDDerase that securely erases all data on ATA hard disk drives via the internal secure erase command. http://cmrr.ucsd.edu/people/Hughes/SecureErase.shtml And yes, I am the same Dave Kleiman from the paper. - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com
Re: [heise online UK] Secure deletion: a single overwrite will do it
Peter Gutmann has responded http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html (see the "Further Epilogue" section well down the page) --dan - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com
Re: [heise online UK] Secure deletion: a single overwrite will do it
On Mon, 19 Jan 2009, Stefan Kelm wrote: ... and who knows where else? Really, to ensure that nothing more can be recovered from a hard disk, it has to be overwritten completely, sector by sector. Although this takes time, it costs nothing: the dd command in any Linux distribution will do the job perfectly. I agree in general, although you still have to watch out for "reserve tracks" (search on this page): http://forum.hddguru.com/seagate-terminal-commands-t6411.html "All hard disks have reserved sectors, which are used automatically by the drive logic if there is a defect in the media.": http://cisn.metu.edu.tr/97-2/hardware.html Those could perhaps be used to smuggle data out of a wiped disk. Or, if your disk firmware is (or someday becomes) clever enough to transparently swap out dying sectors with those from its reserved store, you could accidentally end up with data on the disk that dd would miss. - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com
[heise online UK] Secure deletion: a single overwrite will do it
The myth that to delete data really securely from a hard disk you have to overwrite it many times, using different patterns, has persisted for decades, despite the fact that even firms specialising in data recovery, openly admit that if a hard disk is overwritten with zeros just once, all of its data is irretrievably lost. Craig Wright, a forensics expert, claims to have put this legend finally to rest. He and his colleagues ran a scientific study to take a close look at hard disks of various makes and different ages, overwriting their data under controlled conditions and then examining the magnetic surfaces with a magnetic-force microscope. They presented their paper at ICISS 2008 and it has been published by Springer AG in its Lecture Notes in Computer Science series (Craig Wright, Dave Kleiman, Shyaam Sundhar R. S.: Overwriting Hard Drive Data: The Great Wiping Controversy). They concluded that, after a single overwrite of the data on a drive, whether it be an old 1-gigabyte disk or a current model (at the time of the study), the likelihood of still being able to reconstruct anything is practically zero. Well, OK, not quite: a single bit whose precise location is known can in fact be correctly reconstructed with 56 per cent probability (in one of the quoted examples). To recover a byte, however, correct head positioning would have to be precisely repeated eight times, and the probability of that is only 0.97 per cent. Recovering anything beyond a single byte is even less likely. Nevertheless, that doesn't stop the vendors of data-wiping programs offering software that overwrites data up to 35 times, based on decades-old security standards that were developed for diskettes. Although this may give a data wiper the psychological satisfaction of having done a thorough job, it's a pure waste of time. Something much more important, from a security point of view, is actually to overwrite all copies of the data that are to be deleted. If a sensitive document has been edited on a PC, overwriting the file is far from sufficient because, during editing, the data have been saved countless times to temporary files, back-ups, shadow copies, swap files ... and who knows where else? Really, to ensure that nothing more can be recovered from a hard disk, it has to be overwritten completely, sector by sector. Although this takes time, it costs nothing: the dd command in any Linux distribution will do the job perfectly. (djwm) http://www.heise-online.co.uk/news/Secure-deletion-a-single-overwrite-will-do-it--/112432 T.I.S.P. - Lassen Sie Ihre Qualifikation zertifizieren vom 09.-13.03.2009 - http://www.secorvo.de/college/tisp/ - Stefan Kelm Security Consulting Secorvo Security Consulting GmbH Ettlinger Strasse 12-14, D-76137 Karlsruhe Tel. +49 721 255171-304, Fax +49 721 255171-100 stefan.k...@secorvo.de, http://www.secorvo.de/ PGP: 87AE E858 CCBC C3A2 E633 D139 B0D9 212B Mannheim HRB 108319, Geschaeftsfuehrer: Dirk Fox - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com