RE: [heise online UK] Secure deletion: a single overwrite will do it

2009-01-21 Thread Dave Kleiman

On Mon, 19 Jan 2009, Stefan Kelm wrote:
 ...it has to be overwritten completely, sector
 by sector. Although this takes time, it costs nothing: the dd command in
 any Linux distribution will do the job perfectly.

Note quite perfectly, and not nearly as fast as the built-in option (see below).

On Mon, 20 Jan 2009, Jason wrote:
I agree in general, although you still have to watch out for reserve tracks 
(search on this page).All hard disks have reserved sectors, which are 
used automatically by the 
drive logic if there is a defect in the media.:

Yes the main areas you are referring to are known as the P-List (Primary 
Defects List – manufacture defect info that does not change) G-List (Grown 
Defects Lists – sector relocation table). You can only access the P-List with 
special commands and tools. 

However, you can wipe the G-List are if you do it outside of an OS (or a tool 
that can access the system area), since the OS knows nothing of these sectors. 
The easiest (possible the best because of speed) way to accomplish this in 
modern ATA hard drives (2001 forward) is with the built-in Secure Erase 
program. Conveniently placed there for us by Recording Research (CMRR) headed 
by Gordon Hughes, Associate Director of CMRR, USSD on the Secure Erase 
Initiative.

At the ANSI T-13 Committee meeting in 2004, Gordon described the differences 
between block erase as described in government document DoD2550 and Secure 
Erase. Unlike block level erase Secure Erase also overwrites reassigned blocks 
and can be up to eight times faster (per CMRR tests).
In addition the enhanced SE command qualifies for Federal Government secret 
data classification erasure. 

You can download a DOS-based utility HDDerase that securely erases all data on 
ATA hard disk drives via the internal secure erase command. 
http://cmrr.ucsd.edu/people/Hughes/SecureErase.shtml


And yes, I am the same Dave Kleiman from the paper.



-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com


[heise online UK] Secure deletion: a single overwrite will do it

2009-01-20 Thread Stefan Kelm
The myth that to delete data really securely from a hard disk you have
to overwrite it many times, using different patterns, has persisted for
decades, despite the fact that even firms specialising in data recovery,
openly admit that if a hard disk is overwritten with zeros just once,
all of its data is irretrievably lost.

Craig Wright, a forensics expert, claims to have put this legend finally
to rest. He and his colleagues ran a scientific study to take a close
look at hard disks of various makes and different ages, overwriting
their data under controlled conditions and then examining the magnetic
surfaces with a magnetic-force microscope. They presented their paper at
ICISS 2008 and it has been published by Springer AG in its Lecture Notes
in Computer Science series (Craig Wright, Dave Kleiman, Shyaam Sundhar
R. S.: Overwriting Hard Drive Data: The Great Wiping Controversy).

They concluded that, after a single overwrite of the data on a drive,
whether it be an old 1-gigabyte disk or a current model (at the time of
the study), the likelihood of still being able to reconstruct anything
is practically zero. Well, OK, not quite: a single bit whose precise
location is known can in fact be correctly reconstructed with 56 per
cent probability (in one of the quoted examples). To recover a byte,
however, correct head positioning would have to be precisely repeated
eight times, and the probability of that is only 0.97 per cent.
Recovering anything beyond a single byte is even less likely.

Nevertheless, that doesn't stop the vendors of data-wiping programs
offering software that overwrites data up to 35 times, based on
decades-old security standards that were developed for diskettes.
Although this may give a data wiper the psychological satisfaction of
having done a thorough job, it's a pure waste of time.

Something much more important, from a security point of view, is
actually to overwrite all copies of the data that are to be deleted. If
a sensitive document has been edited on a PC, overwriting the file is
far from sufficient because, during editing, the data have been saved
countless times to temporary files, back-ups, shadow copies, swap files
... and who knows where else? Really, to ensure that nothing more can be
recovered from a hard disk, it has to be overwritten completely, sector
by sector. Although this takes time, it costs nothing: the dd command in
any Linux distribution will do the job perfectly.

(djwm)

http://www.heise-online.co.uk/news/Secure-deletion-a-single-overwrite-will-do-it--/112432


T.I.S.P.  -  Lassen Sie Ihre Qualifikation zertifizieren
vom 09.-13.03.2009 - http://www.secorvo.de/college/tisp/
-
Stefan Kelm
Security Consulting

Secorvo Security Consulting GmbH
Ettlinger Strasse 12-14, D-76137 Karlsruhe
Tel. +49 721 255171-304, Fax +49 721 255171-100
stefan.k...@secorvo.de, http://www.secorvo.de/
PGP: 87AE E858 CCBC C3A2 E633 D139 B0D9 212B

Mannheim HRB 108319, Geschaeftsfuehrer: Dirk Fox

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com


Re: [heise online UK] Secure deletion: a single overwrite will do it

2009-01-20 Thread Jason


On Mon, 19 Jan 2009, Stefan Kelm wrote:

... and who knows where else? Really, to ensure that nothing more can be
recovered from a hard disk, it has to be overwritten completely, sector
by sector. Although this takes time, it costs nothing: the dd command in
any Linux distribution will do the job perfectly.


I agree in general, although you still have to watch out for reserve tracks 
(search on this page):


http://forum.hddguru.com/seagate-terminal-commands-t6411.html

All hard disks have reserved sectors, which are used automatically by the 
drive logic if there is a defect in the media.:


http://cisn.metu.edu.tr/97-2/hardware.html

Those could perhaps be used to smuggle data out of a wiped disk.  Or, if your 
disk firmware is (or someday becomes) clever enough to transparently swap out 
dying sectors with those from its reserved store, you could accidentally end 
up with data on the disk that dd would miss.


-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com


Re: [heise online UK] Secure deletion: a single overwrite will do it

2009-01-20 Thread dan

Peter Gutmann has responded

http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html

(see the Further Epilogue section well down the page)

--dan


-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com