>===== Original Message From "Holmes, Ben" <[EMAIL PROTECTED]> =====
>"...makes it impracticable for all except the most sophisticated, high $$$
>scenarios."
First, for John: for the hundredth time, your focusing only on "software
recovery tools" is baffling to me. The above post seems to argue the same
thing. ("All but...") I only included one small part to keep the limits down
that bugtraq faces.
WHY do you two believe that hardware recovery methods (which make a one-pass
method as a "secure" method a joke) are:
A) Rare
B) Expensive
C) Not worth protecting information from, since John, you have defined
"standard" as SOFTWARE RECOVERY only.
The expense of hardware recovery has come down so dramatically that just about
ANY large US police department owns forensic hardware tools. In the U.S. many
COUNTY **sheriff's** departments have these tools and have been trained in
their use. In my city, which is in the 50-100 largest city range, our PD has
an "Electronic Evidence Department" with a staff of FIVE. The costs have come
WAY down as the demand has risen.
http://www.forensicpc.com/
http://www.vogon-computer-evidence.com/evidential_systems-02.htm
Some of us believe that true security and the word "unrecoverable" should only
be used when taking ALL factors into consideration. We get it now, (for the
hundredth time) that you believe one-pass is sufficient to thwart "standard
recovery methods" -- SOFTWARE methods! Apparently "standard recovery methods"
in Canada and the United States ARE two different things. You keep asking to
be given the name of software that can recover the data. Why are you hung up
on SOFTWARE recovery tools? Clients expect as high a level of security as
possible. That means protection from HARDWARE FORENSIC TOOLS! Look at Enron:
right now the police and FBI are putting information back together because of
Enron's IT department FAILING to offer them TOTAL wiping security. After all,
what's being thrown at Enron is NOT simply software recovery tools, or
"standard recovery methods." Not in the case of Enron obviously, but many
companies, individuals, etc. can be **falsely accused** of all manner of
things. Recovery of certain documents can be taken out of context. They must
be protected from ALL possible attempts at recovering their data. I can't even
believe this is an issue. By the way, individuals desiring privacy deserve the
same.
The Gutmann method can be used to wipe free space overnight on a 60 gig drive.
Why the need for speed? Individual documents can be erased using Gutmann in
maybe five seconds as opposed to one. So, why promote the insecure one-pass
wipe when the more secure methods are no more expensive, take only a little
more time, and would protect your clients as securely AS POSSIBLE from ALL
attempts at recovering wiped data?
I think I rest my case on this. The D.O.D. and other government agencies
aren't about to let a one-pass wipe suffice. Why should I offer anything less
to a client?
Mike Donovan