security software: InTether
At 12:36 PM 7/17/00 -0400, Heinz-Juergen 'Tom' Keller wrote: >On Sun, Jul 16, 2000 at 07:53:16PM -0400, Bad Max wrote: > >> > I Got a question about this: if thereĀ“s no software to raelly "clean" the >> > harddisk of information, What about overwritting all the harddisk or >> > formatting it? Does any trace of information stays "alive"? Maybe is a >> > obvious question but is something I have it cleared. Thanks You want to overwrite a dozen times with random (each time) data. >> A company called "Ontrack" claimed that they were capable of reading datas >> on drive after several format. The heads don't track the same each pass; residual magnetism. You can use a STM.
security software: InTether
David Honig writes: >You want to overwrite a dozen times with random (each time) data. I'd be cautious about saying that. Way back when I held a security clearance, the instructions were: * Overwrite with patterns 99 times for SECRET materials; and * Overwrite with patterns 999 times for TOP SECRET materials. As the forensic technology has undoubtedly improved in the past 20 years, I strongly doubt that "a dozen times" would be anywhere close to obscuring all evidence of the data. You're much better off physically destroying the disk by melting it or somesuch. If you don't have the option of physically destroying the disk, writing random data for a few hours ought to get you on the way towards making your original data unrecoverable. (Note that I said "on the way"!) === Mark Leighton Fisher[EMAIL PROTECTED] Thomson Consumer ElectronicsIndianapolis IN "Display some adaptability." -- Doug Shaftoe, _Cryptonomicon_ > > > > >
security software: InTether
At 09:50 AM 7/18/00 -0400, Fisher Mark wrote: >David Honig writes: >>You want to overwrite a dozen times with random (each time) data. > >I'd be cautious about saying that. Way back when I held a security >clearance, the instructions were: >* Overwrite with patterns 99 times for SECRET materials; and >* Overwrite with patterns 999 times for TOP SECRET materials. Hmm. I thought I remembered the ~dozen from some FIPS spec, but I could be wrong. The more the merrier. >As the forensic technology has undoubtedly improved in the past 20 years, I >strongly doubt that "a dozen times" would be anywhere close to obscuring all >evidence of the data. You're much better off physically destroying the disk >by melting it or somesuch. Yes but someone wanting to overwrite data may not be in a position to destroy the medium. E.g., its your working machine's hard drive. >If you don't have the option of physically destroying the disk, writing >random data for a few hours ought to get you on the way towards making your >original data unrecoverable. (Note that I said "on the way"!) Now there's a good use of the idle cycles on a secure machine: the wiping daemon.
Overwriting disks [was security software: InTether] cpunk
> -- > From: David Honig[SMTP:[EMAIL PROTECTED]] > Reply To: David Honig > Sent: Tuesday, July 18, 2000 10:37 AM > To: Multiple recipients of list > Subject: security software: InTether > > At 09:50 AM 7/18/00 -0400, Fisher Mark wrote: > >David Honig writes: > >>You want to overwrite a dozen times with random (each time) data. > > > >I'd be cautious about saying that. Way back when I held a security > >clearance, the instructions were: > >* Overwrite with patterns 99 times for SECRET materials; and > >* Overwrite with patterns 999 times for TOP SECRET materials. > > Hmm. I thought I remembered the ~dozen from some FIPS spec, but > I could be wrong. The more the merrier. > > >As the forensic technology has undoubtedly improved in the past 20 years, > I > >strongly doubt that "a dozen times" would be anywhere close to obscuring > all > >evidence of the data. You're much better off physically destroying the > disk > >by melting it or somesuch. > While the forensic tech has undoubtedly improved over the years, I have my doubts as to whether the ability to read overwritten HDs has improved at the same pace. [I'm sure Peter Guttman will have more informed comments than I]. One of the few things which is increasing faster than Moore's Law is HD capacity. Any property which enables us to to read a HD's overwritten data as if it were a palimpest is also a hack which can be exploited to store more data on that disk. Disk manufacturers have huge R&D budgets to find and exploit any such techniques. The only factors which rein in this exploitation are speed and cost. A determined, well-funded investigator could remount the platters and attempt to read them using special tools, such as STM probes. However, I'd be really curious to know just how fast (and how costly) it would be to use such tools to reconstruct, say, 5MB of compressed data, stored in sectors scattered over a 30 GB disk, after even just 10 overwrites. To me it sounds like *serious* headache time. > Yes but someone wanting to overwrite data may not be in a position > to destroy the medium. E.g., its your working machine's hard drive. > > >If you don't have the option of physically destroying the disk, writing > >random data for a few hours ought to get you on the way towards making > your > >original data unrecoverable. (Note that I said "on the way"!) > > Now there's a good use of the idle cycles on a secure machine: the wiping > daemon. > A worthy tool! I'd want to to defrag as well, and even 'pick up and dust underneath' already contiguous files. Peter Trei > > > > > >