A paper has been published about the claim that you can recover data
with an electron microscope
(http://www.springerlink.com/content/408263ql11460147/).
Unfortunately the paper is not available for free, but the summary is
that after overwriting it 1 time you can't recover data anymore with
hardware (not to mention software); only if you're very lucky you might
retrieve some bytes. After 3 wipes you will only see random noise (on a
magnetic level).
So if you really want to be sure use either 3x"dd" or run dban.org.
If your data is so valuable that an attacker will go the length (and has
the resources) to retrieve bytes from reallocated sectors and then try
to solve this puzzle, then you need way more protective measures than
just encryption.
See also http://en.wikipedia.org/wiki/Rubber-hose_cryptanalysis and
http://en.wikipedia.org/wiki/Social_engineering_(security).
regards,
Robert
Vijay Sankar wrote:
Jordi Espasa Clofent wrote:
Hi all,
The subject is auto-descriptive ;)
After reading a while about wiping [1] I think there's not a unique
way to do it. Finally I've chosen a simple double-step method:
First,
$ dd if=/dev/urandom of=<disk_to_delete>
and next
$ dd if=/deb/zero of=<disk_to_delete>
?Do you think is it safe enough? I mean ?is it enough against the
common recovery low-level data tools?
[1] http://en.wikipedia.org/wiki/Data_erasure#Standards
I have typically used rm -P against mount points and that has worked
well for me. In one situation, someone at a customer site tried to read
data from the erased directories using various commercial tools he had
access to and failed.
