Actually, the DoD standard is to write over the data 7 times, alternating between 0x00 and 0xFF. I can only assume that the NSA follows a similar (or perhaps more stringent) standard
Joe Barrett ----- Original Message ----- From: "Nero, Nick" <[EMAIL PROTECTED]> To: "Dave Adams" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Tuesday, October 29, 2002 12:30 Subject: RE: Interesting One > Well, the NSA standard I believe is that zero-filling a drive (writing > all 0's to the platter) will make the data impossible to recover, but I > am sure there are some instances when this isn't the cause depending on > how retentive the media is and all that. If is electromagnetically > degaussed for an extended period of time, I can't imagine anything could > recover the data. > > Nick Nero, CISSP > > -----Original Message----- > From: Dave Adams [mailto:dadams@;johncrowley.co.uk] > Sent: Monday, October 28, 2002 5:06 PM > To: [EMAIL PROTECTED] > Subject: Interesting One > > > Greetings Folks, > > I had an interesting conversation today with someone from FAST > (Federation Against Software Theft) They pretend not to be a snitch wing > of the BSA. Anyway, to get to the point, the guy that came to see me > said that their forensics guys could read data off a hard drive that had > been written over up to thirty times. I find this very hard to believe > and told him I thought he was mistaken but the guy was adamant that it > could be done. My question is, does anyone have any views on this, or, > can anyone point me to a source of information where I can get the facts > on exactly how much data can be retrieved off a hard drive and under > what conditions etc etc. > > Thanks > > Dave Adams > > > > This message (and any associated files) is intended only for the > use of the individual or entity to which it is addressed and may > contain information that is confidential, subject to copyright or > constitutes a trade secret. If you are not the intended recipient > you are hereby notified that any dissemination, copying or > distribution of this message, or files associated with this message, > is strictly prohibited. If you have received this message in error, > please notify us immediately by replying to the message and deleting > it from your computer. Messages sent to and from > John Crowley (Maidstone) Ltd may be monitored. > > Internet communications cannot be guaranteed to be secure or error-free > as information could be intercepted, corrupted, lost, destroyed, arrive > late or incomplete, or contain viruses. Therefore, we do not accept > responsibility for any errors or omissions that are present in this > message, or any attachment, that have arisen as a result of e-mail > transmission. If verification is required, please request a hard-copy > version. Any views or opinions presented are solely those of the author > and do not necessarily represent those of John Crowley (Maidstone) Ltd.
