Re: Google Attitude was RE: Unclassified Disk "Sanitizers"

[Shafik Yaghmour]

FYI, if you go to "Advanced Search" page you can choose to get
100 results per page.

There is also a "Preferences" page that allows you to set the
number of results you want per page for all your searches, if you do not
mind them setting a cookie.

Take care

On Thu, 7 Mar 2002, rplyx wrote:

> p.s. My pavorite search engine is hotbot. It could give you 100
> results per page.

==
--"the more you know and understand the more you must know and understand
   .. knowledge is an unsatiable hunger .. which makes life easier and at
   the same time harder  knowledge is a paradox w/ no resolution just
   a boundless function of human nature  knowledge is a trap which we
   embrace and which we run away from  and in the end the only escape
   is death  or maybe not "--
==
 -This message transmitted on 100% recycled electrons-
 -Save the whales, Feed the hungry, Free the mallocs-
 -Fear me For I know the secret of recursive Puns-

Those who dream by day are cognizant of many things which escape those who
dream only by night. -Edgar Allan Poe

RE: Unclassified Disk "Sanitizers"

[paul . baccas]

Hi,

A few of points that seem to have been missed in this thread.

1) If you wish to erase a disk then it makes no difference what OS it is
running because you should not be booting from the hard disk to erase the
data.

2) The erasure program should be working at the sector level on the
harddisk not on the filesystem.

3) Approved and free is likely to be hard to find. If the approval method
costs money to submit to then .

The idealised harddisk is treated as a laminar and each bit as a point.
This ideal is impossible, this means that each bit is a 3-D shape of finite
size. Even repetitive overwrites of data can be recover by statistically
methods using the correct equipment.


pob

PS See my sig. my opinions may be skewed by virtue of my employer. Opinions
stated are not necessarily those of my employer.


--
Paul Baccas, Virus Researcher, Sophos Anti-Virus
Email: [EMAIL PROTECTED], Tel: 01235 559933, Web: www.sophos.com
US Support: +1 888 SOPHOS 9   UK Support: +44 1235 559933

RE: Unclassified Disk "Sanitizers"

[Holmes, Ben]

 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Like I have posted before to other lists.. here is what I think about all of this 
"Disk Sanitizers"

1. Drives remap bad sectors, most disk sanitizers do not wipe previously allocated bad 
sectors (that is, sectors in the Grown Defect List of an IDE drive etc).  This is not 
"Slack Space" and cannot be addressed without special low-level (often drive specific) 
software or a Type II degaussing apparatus (Big coil of wire, mucho HF electricity, 
drive becomes dead because address marks disappear.. you often just get "clunk, 
Clunk!")

2. You can wipe a drive with ONE PASS and for all practical purposes "FORMAT C: /U" 
will do the trick, or 'dd'ing a bunch of "0"s over it.. Once that has been done there 
is NO known software that can recover ANY meaningful data from an IDE, or normal SCSI 
drive that has not been mapped as a grown defect (If you just did a FORMAT /U it only 
wipes data from THAT partition, and it is UNRECOVERABLE by software - A normal format 
does nothing but READ except for the first few sectors and so it is all still there). 

3. It is possible to recover data that has only been overwritten once using Magnetic 
Force Microscopy or other such methods.  All of these methods are SLOW and require the 
drive to be COMPLETELY DISSASEMBLED.

4. A modern HDD may hold 60Gb + and may be part of a stripe raid set, the time it 
takes to re-assemble enough meaningful data extracted by MFM or any other such system 
makes it impracticable for all except the most sophisticated, high $$$ scenarios.  
Also as a drive gets overwritten in normal use, the most used sectors (where the 
sensitive data is most likely) may not have stored the data for as long and so it may 
be hard to tell what magnetic "ghost" the right information is (this is very true for 
SAM files where the password gets changed on a regular basis and on NTFS where the MFT 
gets relocated and resized on the fly by the OS making the files hard to find)

In conclusion, Guttmann or DODWipe will make it hopefully unrecoverable from non 
software means of recovery (Electron Microscope, Magnetic Force Microscope etc), 
unless that is the scope of what people will go to to get YOUR data, ONE PASS WIPES 
DATA FULLY.

I am yet to hear of a case where someone has actually gone to this trouble and 
successfully broken into a firm using gathered data, that doesn't mean that it doesn't 
happen, but I have never heard of it.  If there was a case, you would think that the 
many companies trying to flog "RedundantWipe 2000 Plus Deluxe Enterprise Edition" (or 
however they want to market another multi-pass disk wiper) would have it on their web 
page.

If the data is worth more than the time needed for a one pass wipe, Thermite or a very 
hot furnace will do a much better job.  A hard drive is rarely worth the price of the 
time of running DODWipe of a 60Gb Hard drive and then remapping all the grown defect 
lists and even then, those Magnetic Force Microscopes are pretty good, if the data was 
THAT secure and I thought someone would spend thousands of dollars and moths of time 
to recover a bit of data, I would melt it..

Here is my little flow chart:

Is the data valuable enough for someone to use MFM to examine the drive?
  |
   +--+---+
Yes No
 |  |
Put the drive   One pass of a
in a very hot   random   data 
furnace   and   stream  or  a
make  sure it   "0" wipe will
is  a  molten   do fine.
mess of gue.

I hope this helps.

If you can prove to me that you can recover my SAM from an arbitrary 5Gb HDD after I 
have run:
dd /if=/dev/zero /of=/dev/
without breaking the seal off the hard drive, THEN I will say otherwise.

- -- Benjamin Holmes



> -Original Message-
> From: John Daniele [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, 7 March 2002 3:07 AM
> To: Mike Donovan
> Cc: [EMAIL PROTECTED]
> Subject: RE: Unclassified Disk "Sanitizers"
> 
> 
> 
> Could you point me towards SOFTWARE (not STM equipment) that 
> would be able
> to recover data that had been OVERWRITTEN from a sector of a drive?
> 
> i.e. dd if=/dev/zero of=/dev/dsk/c0t0*
> 
> Read each physical sector of the drive and explain to me how 
> meaningful
> data is recovered from 00's using software recovery tools?
> 
> Sorry for my abrasive response, but you are out of line. I was not
> referring to a scenario where portions of a deleted file may 
> be recovered
> from file slack, or swap space but rather in the case that it 
> had truly
> been OVERWRITTEN!
> 
> _
> John Daniele
> Technical Security & Intelligence
> Toronto, ON
> Voice:  (416) 

Re: Unclassified Disk "Sanitizers"

[John Daniele]

For the hundreth time! There is a difference between a file being deleted
from a filesystem and it being truly OVERWRITTEN. If you are sanitizing
the drive, you will OVERWRITE it with data from the first sector to the
very last PHYSICAL sector of the drive. OVERWRITTEN. Period. Unless you
wish to pursue other PHYSICAL RECOVERY methods such as the use of Scanning
Tunneling Microscopy or recovery of tiny fragments of data from the cache
chip found on the drive's circuit board, it's for all intents and purposes
GONE.

_
John Daniele
Technical Security & Intelligence
Toronto, ON
Voice:  (416) 605-2041
E-mail: [EMAIL PROTECTED]
Web:http://www.tsintel.com

On Fri, 8 Mar 2002, Marnix Petrarca wrote:

> didn't the coroners toolkit from wietse venema and consorts do something
> like that?
> There's other interesting reading there, too.
> http://www.porcupine.org/forensics/tct.html
> -M
>
> - Original Message -
> From: "John Daniele" <[EMAIL PROTECTED]>
> To: "Mike Donovan" <[EMAIL PROTECTED]>
> Cc: <[EMAIL PROTECTED]>
> Sent: 06 March, 2002 6:07 PM
> Subject: RE: Unclassified Disk "Sanitizers"
>
>
> >
> > Could you point me towards SOFTWARE (not STM equipment) that would be able
> > to recover data that had been OVERWRITTEN from a sector of a drive?
> >
> > i.e. dd if=/dev/zero of=/dev/dsk/c0t0*
> >
> > Read each physical sector of the drive and explain to me how meaningful
> > data is recovered from 00's using software recovery tools?
> >
> > Sorry for my abrasive response, but you are out of line. I was not
> > referring to a scenario where portions of a deleted file may be recovered
> > from file slack, or swap space but rather in the case that it had truly
> > been OVERWRITTEN!
> >
> > _
> > John Daniele
> > Technical Security & Intelligence
> > Toronto, ON
> > Voice:  (416) 605-2041
> > E-mail: [EMAIL PROTECTED]
> > Web:http://www.tsintel.com
> >
> > On Wed, 6 Mar 2002, Mike Donovan wrote:
> >
> > > >= Original Message From John Daniele <[EMAIL PROTECTED]> =
> > > >The data only has to be overwritten once such that it is unrecoverable
> > > >using standard forensic recovery methods.
> >
> > --
> -
> > > This is false. Completely. A one-time pass --- making data
> "unrecoverable?"
> > > Why is it that Bruce Schneier and others are constantly harping on how
> we
> > > can't assume ANYTHING is truly "unrecoverable" using software methods?
> Period!
> > > Even Gutmann's paper questions his own method! John, in referring others
> for
> > > more information to the over-used "Gutmann Paper" (which is going now on
> > > six-years old), need I remind you how recovery capabilities have changed
> in
> > > SIX years? Let me refer you to something more current and more realistic
> from
> > > SANS:
> > > http://rr.sans.org/incident/deletion.php
> > > It must be remembered the Gutmann 35-pass method is *completely*
> different in
> > > what a "pass" is than, say, the D.O.D 7-pass method. Gutmann's method
> takes
> > > into account various encoding methods used my makers of the drives. It's
> > > totally different. Hard drive slack space and unallocated space? Not
> even
> > > mentioned in John's all-inclusive sentence above. How can anything be
> securely
> > > deleted without even touching these data storage hogs that a simple
> one-pass
> > > method will NOT touch? In the very paper John referred to, Peter Gutmann
> says
> > > in the opening sentence of his conclusion,(point 9)"Data overwritten
> once or
> > > twice may be recovered by subtracting what is expected to be read from a
> > > storage location from what is actually read."
> > >
> > > The kind of misinformation in John's post is dangerous - especially in
> today's
> > > world. Bottom line: Stick with Department of Defense regulations for
> secure
> > > deletion or use the 35-pass Gutmann method. Please, don't let **anyone**
> tell
> > > you a one-time pass will make data "unrecoverable."
> > >
> > > Mike Donovan
> > >
> > >
> >
>
>

Re: Unclassified Disk "Sanitizers"

[Marnix Petrarca]

didn't the coroners toolkit from wietse venema and consorts do something
like that?
There's other interesting reading there, too.
http://www.porcupine.org/forensics/tct.html
-M

- Original Message -
From: "John Daniele" <[EMAIL PROTECTED]>
To: "Mike Donovan" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: 06 March, 2002 6:07 PM
Subject: RE: Unclassified Disk "Sanitizers"


>
> Could you point me towards SOFTWARE (not STM equipment) that would be able
> to recover data that had been OVERWRITTEN from a sector of a drive?
>
> i.e. dd if=/dev/zero of=/dev/dsk/c0t0*
>
> Read each physical sector of the drive and explain to me how meaningful
> data is recovered from 00's using software recovery tools?
>
> Sorry for my abrasive response, but you are out of line. I was not
> referring to a scenario where portions of a deleted file may be recovered
> from file slack, or swap space but rather in the case that it had truly
> been OVERWRITTEN!
>
> _
> John Daniele
> Technical Security & Intelligence
> Toronto, ON
> Voice:  (416) 605-2041
> E-mail: [EMAIL PROTECTED]
> Web:http://www.tsintel.com
>
> On Wed, 6 Mar 2002, Mike Donovan wrote:
>
> > >= Original Message From John Daniele <[EMAIL PROTECTED]> =
> > >The data only has to be overwritten once such that it is unrecoverable
> > >using standard forensic recovery methods.
>
> --
-
> > This is false. Completely. A one-time pass --- making data
"unrecoverable?"
> > Why is it that Bruce Schneier and others are constantly harping on how
we
> > can't assume ANYTHING is truly "unrecoverable" using software methods?
Period!
> > Even Gutmann's paper questions his own method! John, in referring others
for
> > more information to the over-used "Gutmann Paper" (which is going now on
> > six-years old), need I remind you how recovery capabilities have changed
in
> > SIX years? Let me refer you to something more current and more realistic
from
> > SANS:
> > http://rr.sans.org/incident/deletion.php
> > It must be remembered the Gutmann 35-pass method is *completely*
different in
> > what a "pass" is than, say, the D.O.D 7-pass method. Gutmann's method
takes
> > into account various encoding methods used my makers of the drives. It's
> > totally different. Hard drive slack space and unallocated space? Not
even
> > mentioned in John's all-inclusive sentence above. How can anything be
securely
> > deleted without even touching these data storage hogs that a simple
one-pass
> > method will NOT touch? In the very paper John referred to, Peter Gutmann
says
> > in the opening sentence of his conclusion,(point 9)"Data overwritten
once or
> > twice may be recovered by subtracting what is expected to be read from a
> > storage location from what is actually read."
> >
> > The kind of misinformation in John's post is dangerous - especially in
today's
> > world. Bottom line: Stick with Department of Defense regulations for
secure
> > deletion or use the 35-pass Gutmann method. Please, don't let **anyone**
tell
> > you a one-time pass will make data "unrecoverable."
> >
> > Mike Donovan
> >
> >
>

Re: Google Attitude was RE: Unclassified Disk "Sanitizers"

[rplyx]

Hello every one,

I'm a newbie. I've been lurking on this list for quite a while, and
never post a message before.

If I asked a question to the list: "Where can I found the FAQs about
NFS?", then someone replied me "Go Google", I would not consider it a
rude answer. The fact that I have not mentioned that "I have search on
Google, but could not find something suitable." on my question
should only meant that I have never heard of Google before.

Don't you think that it will be very polite if before asking for
"where" type question, you state first the searching effort you've
done?


Best regards,
 rplyx


p.s. My pavorite search engine is hotbot. It could give you 100
results per page.

RE: Unclassified Disk "Sanitizers"

[Mike Donovan]

>= Original Message From John Daniele <[EMAIL PROTECTED]> =
>Could you point me towards SOFTWARE (not STM equipment) that would be able
>to recover data that had been OVERWRITTEN from a sector of a drive?
>i.e. dd if=/dev/zero of=/dev/dsk/c0t0*
>Read each physical sector of the drive and explain to me how meaningful
>data is recovered from 00's using software recovery tools?
>John Daniele


I think all-inclusive statements, such as that by John in an earlier post, 
that a one-time pass will make data "unrecoverable" with standard forensic 
recovery methods is simply wrong. It's not a matter of which software could - 
or couldn't. It's a matter of what you mean by "standard" forensic recovery 
methods. You did not make clear what you meant by "standard" methods. If you 
mean Norton or McAfee Undelete when you speak of "forensic" methods - well 
then, we're talking different ball parks. Standard "forensic recovery methods" 
by big city US Police Departments and the FBI include more in their arsenal 
than simple data recovery programs. I am sure (or assume) the true is in 
Canada as well. The USA Dept. Of Defense (as you know) has protocols that are 
acceptable --- a three-pass method, a seven-pass method, and then there's the 
Gutmann method, which is acceptable to anybody, except maybe the Marines - who 
must blow their old drives to bits! (Pardon the pun).But a one-time pass? 
Not acceptable for true security. And what good does it do to call something 
"unrecoverable" and NOT take into account slack space? Again, it comes back to 
the term "standard" -- I think the definition may be different in Canada than 
the United States.
- Mike Donovan  

RE: Unclassified Disk "Sanitizers"

[John Daniele]

Ok, before you put any more words into my mouth, lets go over the basics:

(in very simplistic terms for better understanding of the core concepts)

What happens when a file is deleted depends on the filesystem upon which
it resides. Windows/DOS simply marks the file for deletion simply by
'hiding' the file from view. On filesystems such as EXT2, for example, the
directory entry is marked as unused, the inode block is the marked as
unused as well as the file data block in its block allocation map.
However, some information is still intact, such as the relation between
the file inode and first 12 file data blocks, which allows for easy
recovery of smaller files that within within 12 blocks. For other files
however, recovery is still possible! Just because there is no relationship
between the inode and file data block, doesn't mean that the content
within the file data block is erased. In fact, it can still be intact
long after deletion of the file. As well, shreds of data may still exist
within the unused spaces within the last data blocks of a file for
potential reassembly (file slack).

Now, what wiping utilities try to do is OVERWRITE those portions of the
disk such as all unused data blocks and file slack space where potential
data can be recovered. Once overwritten, it is UNRECOVERABLE using
forensic analysis tools such as EnCase, Byte-Back, Ontrack Recovery, etc.
etc. However, this does not necessarily mean that it cannot be recovered
using other PHYSICAL means by closely examining information within
the magnetic domains using specialized equipment, i.e. the physical
components of the drive; disk platters, cache chips, etc.

I was trying to get two points across; number 1:  data CAN still be
recovered after a 35 Guttman pass or 7 pass DoD standard blah blah blah
using physical methods such as the use of scanning tunnelling microscopy.
Also, simply denting a drive platter or otherwise attempting to damage the
drive may not in all cases equal unrecoverability! The drive platters can
be removed, remodelled and read using PHYSICAL methods.

But also that a company should be realistic as to who their potential
adversaries are, and architect a solution that fits their needs. Not
everyone needs to spend billions building their secure datacenter deep
underground within a vault with two interlocking vaulting doors protecting
a pressure floor to determine the weight of only one person before
allowing access to authenticate against a vein and retina biometric
device. Properly assess your threats, otherwise you will lose the war.

ttyl,

_
John Daniele
Technical Security & Intelligence
Toronto, ON
Voice:  (416) 605-2041
E-mail: [EMAIL PROTECTED]
Web:http://www.tsintel.com

On Wed, 6 Mar 2002, Mike Donovan wrote:

> >= Original Message From John Daniele <[EMAIL PROTECTED]> =
> >Could you point me towards SOFTWARE (not STM equipment) that would be able
> >to recover data that had been OVERWRITTEN from a sector of a drive?
> >i.e. dd if=/dev/zero of=/dev/dsk/c0t0*
> >Read each physical sector of the drive and explain to me how meaningful
> >data is recovered from 00's using software recovery tools?
> >John Daniele
>
>
> I think all-inclusive statements, such as that by John in an earlier post,
> that a one-time pass will make data "unrecoverable" with standard forensic
> recovery methods is simply wrong. It's not a matter of which software could -
> or couldn't. It's a matter of what you mean by "standard" forensic recovery
> methods. You did not make clear what you meant by "standard" methods. If you
> mean Norton or McAfee Undelete when you speak of "forensic" methods - well
> then, we're talking different ball parks. Standard "forensic recovery methods"
> by big city US Police Departments and the FBI include more in their arsenal
> than simple data recovery programs. I am sure (or assume) the true is in
> Canada as well. The USA Dept. Of Defense (as you know) has protocols that are
> acceptable --- a three-pass method, a seven-pass method, and then there's the
> Gutmann method, which is acceptable to anybody, except maybe the Marines - who
> must blow their old drives to bits! (Pardon the pun).But a one-time pass?
> Not acceptable for true security. And what good does it do to call something
> "unrecoverable" and NOT take into account slack space? Again, it comes back to
> the term "standard" -- I think the definition may be different in Canada than
> the United States.
> - Mike Donovan
>
>

RE: Unclassified Disk "Sanitizers"

[John Daniele]

Could you point me towards SOFTWARE (not STM equipment) that would be able
to recover data that had been OVERWRITTEN from a sector of a drive?

i.e. dd if=/dev/zero of=/dev/dsk/c0t0*

Read each physical sector of the drive and explain to me how meaningful
data is recovered from 00's using software recovery tools?

Sorry for my abrasive response, but you are out of line. I was not
referring to a scenario where portions of a deleted file may be recovered
from file slack, or swap space but rather in the case that it had truly
been OVERWRITTEN!

_
John Daniele
Technical Security & Intelligence
Toronto, ON
Voice:  (416) 605-2041
E-mail: [EMAIL PROTECTED]
Web:http://www.tsintel.com

On Wed, 6 Mar 2002, Mike Donovan wrote:

> >= Original Message From John Daniele <[EMAIL PROTECTED]> =
> >The data only has to be overwritten once such that it is unrecoverable
> >using standard forensic recovery methods.
> ---
> This is false. Completely. A one-time pass --- making data "unrecoverable?"
> Why is it that Bruce Schneier and others are constantly harping on how we
> can't assume ANYTHING is truly "unrecoverable" using software methods? Period!
> Even Gutmann's paper questions his own method! John, in referring others for
> more information to the over-used "Gutmann Paper" (which is going now on
> six-years old), need I remind you how recovery capabilities have changed in
> SIX years? Let me refer you to something more current and more realistic from
> SANS:
> http://rr.sans.org/incident/deletion.php
> It must be remembered the Gutmann 35-pass method is *completely* different in
> what a "pass" is than, say, the D.O.D 7-pass method. Gutmann's method takes
> into account various encoding methods used my makers of the drives. It's
> totally different. Hard drive slack space and unallocated space? Not even
> mentioned in John's all-inclusive sentence above. How can anything be securely
> deleted without even touching these data storage hogs that a simple one-pass
> method will NOT touch? In the very paper John referred to, Peter Gutmann says
> in the opening sentence of his conclusion,(point 9)"Data overwritten once or
> twice may be recovered by subtracting what is expected to be read from a
> storage location from what is actually read."
>
> The kind of misinformation in John's post is dangerous - especially in today's
> world. Bottom line: Stick with Department of Defense regulations for secure
> deletion or use the 35-pass Gutmann method. Please, don't let **anyone** tell
> you a one-time pass will make data "unrecoverable."
>
> Mike Donovan
>
>

RE: Unclassified Disk "Sanitizers"

[Mike Donovan]

>= Original Message From John Daniele <[EMAIL PROTECTED]> =
>The data only has to be overwritten once such that it is unrecoverable
>using standard forensic recovery methods. 
---
This is false. Completely. A one-time pass --- making data "unrecoverable?" 
Why is it that Bruce Schneier and others are constantly harping on how we 
can't assume ANYTHING is truly "unrecoverable" using software methods? Period! 
Even Gutmann's paper questions his own method! John, in referring others for 
more information to the over-used "Gutmann Paper" (which is going now on 
six-years old), need I remind you how recovery capabilities have changed in 
SIX years? Let me refer you to something more current and more realistic from 
SANS:
http://rr.sans.org/incident/deletion.php
It must be remembered the Gutmann 35-pass method is *completely* different in 
what a "pass" is than, say, the D.O.D 7-pass method. Gutmann's method takes 
into account various encoding methods used my makers of the drives. It's 
totally different. Hard drive slack space and unallocated space? Not even 
mentioned in John's all-inclusive sentence above. How can anything be securely 
deleted without even touching these data storage hogs that a simple one-pass 
method will NOT touch? In the very paper John referred to, Peter Gutmann says 
in the opening sentence of his conclusion,(point 9)"Data overwritten once or 
twice may be recovered by subtracting what is expected to be read from a 
storage location from what is actually read."

The kind of misinformation in John's post is dangerous - especially in today's 
world. Bottom line: Stick with Department of Defense regulations for secure 
deletion or use the 35-pass Gutmann method. Please, don't let **anyone** tell 
you a one-time pass will make data "unrecoverable."

Mike Donovan

RE: Google Attitude was RE: Unclassified Disk "Sanitizers"

[Harris Samuel W PORT]

Well since I started this thread, I would like to finish this and I would
ask the moderator to kill the thread after this. It IS rude to say "use
Google". But it is also understood that it does get tiring answering the
same questions every day. I have been on other email lists that, as part of
each email message, would have a statement on the bottom of each list, which
would include a URL of the archives of the list. This would provide an easy
access for people to go there. As a newbie, you feel like you are lost in a
sea of sharks.  I like to steer them to the right info the first time. They
just aren't used to the setup of the lists. Every one is different. I know
as I am on a lot of them. As I said when I began this a few days ago, this
is SECURITY-BASICS. We all can help everybody. WE are all a team. We all
have a common goal, to help inform the uninformed and to learn how to give a
clue to  management. Nuf said. Now please kill the thread and let's get back
to teaching novices the ropes.  

Samuel Harris
A+, MCP, Networking Certificate, Phi Theta Kappa
Portsmouth Naval Shipyard
Portsmouth , NH 03801
(207) 438-1275


-Original Message-
From: Greg Horne [mailto:[EMAIL PROTECTED]]
Sent: Monday, March 04, 2002 5:32 PM
To: 'Jay D. Dyson'
Cc: [EMAIL PROTECTED]
Subject: RE: Google Attitude was RE: Unclassified Disk "Sanitizers"


You made a very good point.  It IS unfair for people to ask
lists the same questions over and over and expect a response every time.
But certainly it is unfair to give that answer to somebody new to the
list, they don't know about this google concept...  "Go to google"
appears rude to them.  Of course it is not really rude, but until they
understand how the list works bad vibes flow. :(  It might be a good
idea to give new users search tips that we take for granted, via email
after they subscribe.  If there is already a system in place that does
this forgive my ignorance, I subscribed a while back and don't recall
anything of this sort.

- - -
Greg Horne

> -Original Message-
> From: Jay D. Dyson [mailto:[EMAIL PROTECTED]]
> Sent: Friday, March 01, 2002 6:34 PM
> To: Greg Horne
> Cc: [EMAIL PROTECTED]
> Subject: Re: Google Attitude was RE: Unclassified Disk "Sanitizers"
> 
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
> 
> On Thu, 28 Feb 2002, Greg Horne wrote:
> 
> > I know what you mean.  It seems to me that a lot of people take for
> > granted the knowledge that they have.  I mean, not everybody knows
WHAT
> > to search for on google.
> 
>   I'd have to disagree on that point.  Ninety-nine times out of
> one-hundred, whenever I have seen a question to which I give the
"Google
> is your friend" answer, the very search string used is the key words
in
> the author's question.
> 
>   For example:Question: Is there a Howto or a FAQ on NFS?
>   Answer  : Go to Google and enter
"howto+faq+nfs".
> 
>   Bang.  That's it.  It's trivial.  Anyone who so much as *knows*
> that Google exists could do that.
> 
>   The bottom line is this: I don't mind helping people out.  I got
> to where I am because others pointed me in the right direction when I
> needed it.  But one thing that was made *sparkling clear* from the
start
> was that it was disrespectful to just expect others to regurgitate
answers
> any time you wanted.  Indeed, it was a matter of courtesy of respect
to at
> least first make your own effort to find what you needed before asking
> someone else to give you the answers.
> 
>   It may seem unfriendly to some folks, but it's honestly not.
When
> you get down to it, sure, none of us acquired our knowledge all by
> ourselves...but we also didn't acquire our knowledge by asking someone
> else to do our homework all the time.
> 
> - -Jay
> 
>   ((
___
>   ))   ))   .--"There's always time for a good cup of coffee"--.
><-
> -.
> C|~~|C|~~| (>-- Jay D. Dyson -- [EMAIL PROTECTED] --<) |
=
> |-'
>  `--' `--'  `The armed are citizens.  The unarmed are subjects.'
`--'
> 
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.0.6 (SunOS)
> Comment: See http://www.treachery.net/~jdyson/ for current keys.
> 
> iEYEARECAAYFAjyAOhEACgkQGI2IHblM+8GwQQCeNhIEHsz5jac/GH1Y0qYYVyT7
> 1soAn3Pv6e4NLxrcLoagtG9KqgWVdknK
> =PgT5
> -END PGP SIGNATURE-

RE: Google Attitude was RE: Unclassified Disk "Sanitizers"

[Todd Suiter]

I would tend to agree. However a question as well, Perhaps a FAQ that
is sent out every month? I understand this field changes awful fast
for that type of thing to be kept up to date, but at least some introductory
material could be included, and explanations (and EXAMPLES) of the dreaded
1 word:"Google" response.

I would be willing to come up with some examples, and a basic outline
for topics...if anyone is interested in doing this type of thing, please
let me know via email to [EMAIL PROTECTED]

Todd Suiter
Staff Eng/Mgr
Security/NOC
S4R


On Mon, 4 Mar 2002, Greg Horne wrote:

>   You made a very good point.  It IS unfair for people to ask
> lists the same questions over and over and expect a response every time.
> But certainly it is unfair to give that answer to somebody new to the
> list, they don't know about this google concept...  "Go to google"
> appears rude to them.  Of course it is not really rude, but until they
> understand how the list works bad vibes flow. :(  It might be a good
> idea to give new users search tips that we take for granted, via email
> after they subscribe.  If there is already a system in place that does
> this forgive my ignorance, I subscribed a while back and don't recall
> anything of this sort.
>
> - - -
> Greg Horne
>
> > -Original Message-
> > From: Jay D. Dyson [mailto:[EMAIL PROTECTED]]
> > Sent: Friday, March 01, 2002 6:34 PM
> > To: Greg Horne
> > Cc: [EMAIL PROTECTED]
> > Subject: Re: Google Attitude was RE: Unclassified Disk "Sanitizers"
> >
> > -BEGIN PGP SIGNED MESSAGE-
> > Hash: SHA1
> >
> > On Thu, 28 Feb 2002, Greg Horne wrote:
> >
> > > I know what you mean.  It seems to me that a lot of people take for
> > > granted the knowledge that they have.  I mean, not everybody knows
> WHAT
> > > to search for on google.
> >
> > I'd have to disagree on that point.  Ninety-nine times out of
> > one-hundred, whenever I have seen a question to which I give the
> "Google
> > is your friend" answer, the very search string used is the key words
> in
> > the author's question.
> >
> > For example:Question: Is there a Howto or a FAQ on NFS?
> > Answer  : Go to Google and enter
> "howto+faq+nfs".
> >
> > Bang.  That's it.  It's trivial.  Anyone who so much as *knows*
> > that Google exists could do that.
> >
> > The bottom line is this: I don't mind helping people out.  I got
> > to where I am because others pointed me in the right direction when I
> > needed it.  But one thing that was made *sparkling clear* from the
> start
> > was that it was disrespectful to just expect others to regurgitate
> answers
> > any time you wanted.  Indeed, it was a matter of courtesy of respect
> to at
> > least first make your own effort to find what you needed before asking
> > someone else to give you the answers.
> >
> > It may seem unfriendly to some folks, but it's honestly not.
> When
> > you get down to it, sure, none of us acquired our knowledge all by
> > ourselves...but we also didn't acquire our knowledge by asking someone
> > else to do our homework all the time.
> >
> > - -Jay
> >
> >   ((
> ___
> >   ))   ))   .--"There's always time for a good cup of coffee"--.
> ><-
> > -.
> > C|~~|C|~~| (>-- Jay D. Dyson -- [EMAIL PROTECTED] --<) |
> =
> > |-'
> >  `--' `--'  `The armed are citizens.  The unarmed are subjects.'
> `--'
> >
> > -BEGIN PGP SIGNATURE-
> > Version: GnuPG v1.0.6 (SunOS)
> > Comment: See http://www.treachery.net/~jdyson/ for current keys.
> >
> > iEYEARECAAYFAjyAOhEACgkQGI2IHblM+8GwQQCeNhIEHsz5jac/GH1Y0qYYVyT7
> > 1soAn3Pv6e4NLxrcLoagtG9KqgWVdknK
> > =PgT5
> > -END PGP SIGNATURE-
>
>

RE: Google Attitude was RE: Unclassified Disk "Sanitizers"

[Tommie Porter]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1


>-Original Message-
>From: Jay D. Dyson [mailto:[EMAIL PROTECTED]]
>Sent: Friday, March 01, 2002 6:34 PM
>To: Greg Horne
>Cc: [EMAIL PROTECTED]
>Subject: Re: Google Attitude was RE: Unclassified Disk "Sanitizers"
>
>
>-BEGIN PGP SIGNED MESSAGE-
>Hash: SHA1
>
>On Thu, 28 Feb 2002, Greg Horne wrote:
>
>> I know what you mean.  It seems to me that a lot of people take
>> for granted the knowledge that they have.  I mean, not everybody 
>knows WHAT
>> to search for on google.
>
>   I'd have to disagree on that point.  Ninety-nine times out of
>one-hundred, whenever I have seen a question to which I give 
>the "Google
>is your friend" answer, the very search string used is the key words
>in the author's question.
>
>   For example:Question: Is there a Howto or a FAQ on NFS?
>   Answer  : Go to Google and enter 
>"howto+faq+nfs".
>
>   Bang.  That's it.  It's trivial.  Anyone who so much as *knows*
>that Google exists could do that.


Usually the question is 'Does anybody know of a GOOD Howto or a FAQ
on NFS?'
How is a newbie supposed to know which FAQ/HOWTO is good and which
ones might be inaccurate?
Do you think they should have to read all 2387 results that google
finds? 


>
>   The bottom line is this: I don't mind helping people out.  I got
>to where I am because others pointed me in the right direction when
>I needed it.  But one thing that was made *sparkling clear* from 
>the start
>was that it was disrespectful to just expect others to 
>regurgitate answers
>any time you wanted.  Indeed, it was a matter of courtesy of 
>respect to at
>least first make your own effort to find what you needed before
>asking someone else to give you the answers.
>


If the same person asked you reguritate the same answers, yes, that
is wrong. Most of the time, it's different people asking questions
that have been asked before. You'll always have that because you
always have new people joining the list. But you can't expect to be
part
of a community/mailing list and not be asked the same questions. 


>   It may seem unfriendly to some folks, but it's honestly 
>not.  When
>you get down to it, sure, none of us acquired our knowledge all by
>ourselves...but we also didn't acquire our knowledge by asking
>someone else to do our homework all the time.
>

True, you shouldn't do somebody's homework for them, but from what
I've seen from the list is the COMPLETE opposite. When someone
asks where they can find something that is when they are given the
google lecture. Telling them where to find information is NOT doing
their homework, it's more like telling them what the homework
assignment is. On the flip side the 'gurus' are always quick to offer
a script of theirs that does this and that. That would be doing their
homework. Not saying this is wrong because I believe that's one of
the reasons we are part of a community. 

TP


>- -Jay
>
>  ((   
>   ___
>  ))   ))   .--"There's always time for a good cup of 
>coffee"--.   ><--.
>C|~~|C|~~| (>-- Jay D. Dyson -- [EMAIL PROTECTED] 
>--<) |= |-'
> `--' `--'  `The armed are citizens.  The unarmed are 
>subjects.'  `--'
>
>-BEGIN PGP SIGNATURE-
>Version: GnuPG v1.0.6 (SunOS)
>Comment: See http://www.treachery.net/~jdyson/ for current keys.
>
>iEYEARECAAYFAjyAOhEACgkQGI2IHblM+8GwQQCeNhIEHsz5jac/GH1Y0qYYVyT7
>1soAn3Pv6e4NLxrcLoagtG9KqgWVdknK
>=PgT5
>-END PGP SIGNATURE-
>

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBPIUMRKcpngnXKJlsEQJ/NACdHQ/zDuuQjkjzLxZyU7MhVpt5MIAAoPui
3b/ZRQXh7KSZLY9KP/vFgo3M
=Q9KT
-END PGP SIGNATURE-

RE: Unclassified Disk "Sanitizers"

[John Daniele]

The data only has to be overwritten once such that it is unrecoverable
using standard forensic recovery methods. Secondly, the point of
overwriting with several passes is to generate enough magnetic force to
switch the domains and may or may not work, depending on the physical
characteristics of the drive. I suspect that in most cases, it won't as
it isn't that easy when dealing with the threat of MFM/STM/*[F|T|I|P]M

You have to have an understanding of the particulars of the scheme used by
the drive for encoding data (and its variants) to properly design
alternating overwrite patterns that don't repeat, and will work, not to
mention an understanding of its physical characteristics as was mentioned
by Matthew.

more info:
http://www.cs.auckland.ac.nz/~pgut001/secure_del.html

_
John Daniele
Technical Security & Intelligence
Toronto, ON
Voice:  (416) 605-2041
E-mail: [EMAIL PROTECTED]
Web:http://www.tsintel.com

On Sun, 3 Mar 2002, Matthew Tallon wrote:

>
> Hi,
>
> > the safe side and use 7 passes to be thorough. If memory
> > serves, seven passes is also the DoD standard (along with
> > randomized non-sensitive data for the re-write).
>
> I don't want to beat this one to death, but more than a few
> questions bounce around in my head.  Any physics majors or hd
> gurus out there?  Having a fair amount of experience in the
> audio field, I understand the issues involved with analog
> recordings but I know very little about the details of digital
> media.
>
> This seems to imply that if I re-write the same data to the same
> location on a disk, the bits are magnetically stronger with each
> write, or even that under normal use, I could extract (under
> optimal conditions) several generations of data from the same
> location on the disk.  I suppose various vendors would create
> heads that write stronger signals to disk and would prove more
> reliable from a security (and integrity) point of view.
>
> Sort of going back to college, can someone point me to an
> authoritative breakdown of hard drive media?  I have to admit,
> my curiosity is thoroughly piqued!
>
> Thanks,
>
> Matthew Tallon
>
>

RE: Google Attitude was RE: Unclassified Disk "Sanitizers"

[Greg Horne]

You made a very good point.  It IS unfair for people to ask
lists the same questions over and over and expect a response every time.
But certainly it is unfair to give that answer to somebody new to the
list, they don't know about this google concept...  "Go to google"
appears rude to them.  Of course it is not really rude, but until they
understand how the list works bad vibes flow. :(  It might be a good
idea to give new users search tips that we take for granted, via email
after they subscribe.  If there is already a system in place that does
this forgive my ignorance, I subscribed a while back and don't recall
anything of this sort.

- - -
Greg Horne

> -Original Message-
> From: Jay D. Dyson [mailto:[EMAIL PROTECTED]]
> Sent: Friday, March 01, 2002 6:34 PM
> To: Greg Horne
> Cc: [EMAIL PROTECTED]
> Subject: Re: Google Attitude was RE: Unclassified Disk "Sanitizers"
> 
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
> 
> On Thu, 28 Feb 2002, Greg Horne wrote:
> 
> > I know what you mean.  It seems to me that a lot of people take for
> > granted the knowledge that they have.  I mean, not everybody knows
WHAT
> > to search for on google.
> 
>   I'd have to disagree on that point.  Ninety-nine times out of
> one-hundred, whenever I have seen a question to which I give the
"Google
> is your friend" answer, the very search string used is the key words
in
> the author's question.
> 
>   For example:Question: Is there a Howto or a FAQ on NFS?
>   Answer  : Go to Google and enter
"howto+faq+nfs".
> 
>   Bang.  That's it.  It's trivial.  Anyone who so much as *knows*
> that Google exists could do that.
> 
>   The bottom line is this: I don't mind helping people out.  I got
> to where I am because others pointed me in the right direction when I
> needed it.  But one thing that was made *sparkling clear* from the
start
> was that it was disrespectful to just expect others to regurgitate
answers
> any time you wanted.  Indeed, it was a matter of courtesy of respect
to at
> least first make your own effort to find what you needed before asking
> someone else to give you the answers.
> 
>   It may seem unfriendly to some folks, but it's honestly not.
When
> you get down to it, sure, none of us acquired our knowledge all by
> ourselves...but we also didn't acquire our knowledge by asking someone
> else to do our homework all the time.
> 
> - -Jay
> 
>   ((
___
>   ))   ))   .--"There's always time for a good cup of coffee"--.
><-
> -.
> C|~~|C|~~| (>-- Jay D. Dyson -- [EMAIL PROTECTED] --<) |
=
> |-'
>  `--' `--'  `The armed are citizens.  The unarmed are subjects.'
`--'
> 
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.0.6 (SunOS)
> Comment: See http://www.treachery.net/~jdyson/ for current keys.
> 
> iEYEARECAAYFAjyAOhEACgkQGI2IHblM+8GwQQCeNhIEHsz5jac/GH1Y0qYYVyT7
> 1soAn3Pv6e4NLxrcLoagtG9KqgWVdknK
> =PgT5
> -END PGP SIGNATURE-

Re: Google Attitude was RE: Unclassified Disk "Sanitizers"

[Sumit Dhar]

On Fri, 1 Mar 2002, Jay D. Dyson wrote:

>   For example:Question: Is there a Howto or a FAQ on NFS?
>   Answer  : Go to Google and enter "howto+faq+nfs".

Well, *S*, that would be simplifying things a bit too much. I do
remember this happened when someone asked for Basic Books on Encryption.
Oh, yes I agree with you Jay that even for this question google will
give you the answers. But if someone is asking this question he probably
doesnt know that "Applied Encryption by Bruce Schneier" is better that
"Dhar Explains Encryption". And google does thrown 1000s of such
results. What such a user might be asking is, "According to the
collective wisdom here, what would be a good book on Encryption for a
beginner, from among the thousands available in the market". I doubt
google would help in that case. What do you think??

>   The bottom line is this: I don't mind helping people out.  I got
> to where I am because others pointed me in the right direction when I

There are times when I too feel the same way. If something is very
basic, which *should* be known by everyone... I stop and think for a lil
time. There was a time, when I too didnt know it. This is all so
relative. So instead of telling him search on google, which wastes my
time, his time, prolly the time of the moderator, I dont say anything
at all. :))

> least first make your own effort to find what you needed before asking
> someone else to give you the answers.

I gotta agree with you that what you try out on your own is probably the
best thing for you.But it might now always work. So why not lend the
bugger a helping hand if we can. The important word being "if"...

I know lot will agree, and a number of you will disagree with me. But
the point I guess, is to be a *wee bit* more tolerant... like an
indulgent teacher teaching a bunch of lil children :))

Regards
Dhar

-- 
Smith & Wesson: The original point and click interface.

pub  1024D/7AB2D05A 2002-02-24 Sumit Dhar (Sumit Dhar, SLMSoft.com) <[EMAIL PROTECTED]>
 Key fingerprint = 4A18 D20D 3D15 6C5B CD2F  8E45 B903 0C29 7AB2 D05A

RE: Unclassified Disk "Sanitizers"

[Matthew Tallon]

Hi,

> the safe side and use 7 passes to be thorough. If memory
> serves, seven passes is also the DoD standard (along with
> randomized non-sensitive data for the re-write).

I don't want to beat this one to death, but more than a few
questions bounce around in my head.  Any physics majors or hd
gurus out there?  Having a fair amount of experience in the
audio field, I understand the issues involved with analog
recordings but I know very little about the details of digital
media.

This seems to imply that if I re-write the same data to the same
location on a disk, the bits are magnetically stronger with each
write, or even that under normal use, I could extract (under
optimal conditions) several generations of data from the same
location on the disk.  I suppose various vendors would create
heads that write stronger signals to disk and would prove more
reliable from a security (and integrity) point of view.

Sort of going back to college, can someone point me to an
authoritative breakdown of hard drive media?  I have to admit,
my curiosity is thoroughly piqued!

Thanks,

Matthew Tallon

Re: Unclassified Disk "Sanitizers"

[securityfocus . com]

On Wed, Feb 27, 2002 at 08:18:28AM -0800, Jared C. Lovell wrote:
> C'mon kids, why waste money just to destroy data?  It's easier than all
> that.  Drop disk in question in a free unix box, then:
> 
> dd if=/dev/urandom of=/dev/daWhateverdisk 
> 
> If you're really paranoid, put it in a while true, run it all night.  It
> takes longer than a blowtourch but get the drive just as hot and
> delicious without the open flame. 

while sleep 1; 
for i in zero urandom ; 
do
dd if=/dev/$i of=/dev/hda
done 
done

This will kill it, second only to a blowtorch.  The government has
apparently found that with todays high capacity disks, even drive ground
into shards Have enough data on the pieces to be able to recontrust
significant parts of files.  The blowtorch can make the magnetic surface
lost its abilitiy to hold a charge.  Ain't science cool?


Tom's Root Boot probably has dd on it, so you can just boot from the
floppy, type the script into a root shell, and go.  You don't even need
to pull the drive.  Hell, if you're doing it to a bunch of machines,
you can change an init script to do this on boot-up.  Just don't leave
it in the floppy drive of your desktop after you make it.  :-)


Rob




msg04367/pgp0.pgp
Description: PGP signature

RE: Unclassified Disk "Sanitizers"

[John Daniele]

> Who's to say the recycling company doesn't read'em first? Or a
> corporate spy assigned to work at a recycling center?

Well.. yah obviously!! Which is why if one is so concerned one should
accompany their equipment to the destruction site and oversee the process.

Sounds a bit silly to be worried about spies armed with
MFM/STM/*[F|T|I|P]M equipment while completely ignoring common sense!

> And I'd think formatted drives sent to the NSA for meltdown would prolly
> make a pretty good training media for those at NSA learning to read data
> from erased/over-written disks.

Perhaps..  can you even take a guess at how long it would take to recover
even 1Mbs of meaningful data that had been overwritten?

Not that there aren't organizations that should be worried about this
threat, however, it is important to be somewhat realistic as to who your
potential adversaries are.

> Sanding the platters is a POSITIVE way to forever destroy the data and it's
> one that most folks can do.

Perhaps.. ;-)

> Third party forges/furnaces are like accepting candy and rides from
> strangers.

As I said before -- sounds a bit silly to be worried about spies armed
with MFM/STM/*[F|T|I|P]M equipment while completely ignoring common sense!

I agree ten fold!

> Army Regulation (AR) 380-19 Appendix E  4.5.2 Destruction of Removable Hard
> Disks and Disk Packs states that sanding the platters is one of the
> recommended ways to declassify a Top Secret hard drive.

I'm not arguing against sanding down platters, but simply denting it with
a sledgehammer is hardly proper procedure. Occasionally platters from
drives located within aircraft 'black boxes' are dented..  that doesn't
*always* prevent investigation of the data.

> D. Weiss
> CCNA/MCSE/SSP2

john.

RE: Unclassified Disk "Sanitizers"

[Marc Eiler (Volt)]

Be careful doing a low-level format.  If you are doing it on an
IDE drive, you will end up formatting it to a 32MB drive!  I know
because I did it in my early years of computing.  SCSI drives should be
fine though.

My favorite solution is using a large magnet to realign the
bits.  =o)  Just kidding.

Virtually,
MarC Eiler

-Original Message-
From: Bob Dog [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, February 27, 2002 9:32 AM
To: [EMAIL PROTECTED]
Subject: RE: Unclassified Disk "Sanitizers"

>"Sadler, Connie J" wrote:
>
>> Does anyone have recommendations for freeware or shareware that
>effectively
>> erases disks for unclassified but sensitive information? This would
be
>used
>> for all machines "retired" to school programs, etc. We need one for
>Windows
>> and one for UNIX, if one tool can't clean both types of disks.
Anybody
>have
>> experience with this?
>>
>> Thank you!
>>
>> Connie

Since you said unclassified but sensitive I take you mean that
it is just information you would rather other people not see
and not some deathly important information.
All you should have to do is low level format the drive.
Heck, if you want, do it twice. This should be way way *more*
than enough for your purposes. You can get a low level formating
utility, in most cases, for free from the manufacturer's web site.
If you just low level format it, or twice, it would take a *HUGE*
amount of work to retrieve your data. 

_
Visit these sites today
Blink 182 Fan Site - www.blink182.co.nz
NZ Skateboarding - www.nzskate.com

_
You deserve a better email address! Get personalized email @yourname
or @yourcompany from Everyone.net --> http://www.everyone.net?tag

RE: Unclassified Disk "Sanitizers"

[David]

The NSA likes to melt down drives too. They recover the precious metals and
I've heard that it's a rather good return monetarily. Apparently there's
some metals like platinum in there.

My point is: YOU determine how detrimental/damaging dissemination of your
data could be, and then take the appropriate steps to protect it. If release
is so damaging you'd rather destroy the drive than risk release, then sand
off the magnetic medium from those disks BEFORE you recycle. Who's to say
the recycling company doesn't read'em first? Or a corporate spy assigned to
work at a recycling center?

And I'd think formatted drives sent to the NSA for meltdown would prolly
make a pretty good training media for those at NSA learning to read data
from erased/over-written disks.

Sanding the platters is a POSITIVE way to forever destroy the data and it's
one that most folks can do. Third party forges/furnaces are like accepting
candy and rides from strangers.

And if all it has is your doom and half-life games and you don't care, then
fdisk it and let someone else use it.

Army Regulation (AR) 380-19 Appendix E  4.5.2 Destruction of Removable Hard
Disks and Disk Packs states that sanding the platters is one of the
recommended ways to declassify a Top Secret hard drive.

http://www.fas.org/irp/doddir/army/ar380-19/appendix_e.htm

D. Weiss
CCNA/MCSE/SSP2

-Original Message-
From: John Daniele [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 27, 2002 6:04 PM
To: [EMAIL PROTECTED]
Cc: Sadler, Connie J; [EMAIL PROTECTED]
Subject: RE: Unclassified Disk "Sanitizers"



While taking a sledgehammer to a drive does sound quite therapeutic, I
would suggest rather, to look around for your local metal recycling
company. They will gladly take your old hard drives, monitors, Sun IPCs
(on second thought, instead send them over my way! :p) and mince them to
itty bitty peices for you! And in much smaller chunks than you could ever
possibly replicate with a sledgehammer.

www.resourcecon.com is one company that a few of my clients have used.

ttyl,
_
John Daniele
Technical Security & Intelligence
Toronto, ON
Voice:  (416) 605-2041
E-mail: [EMAIL PROTECTED]
Web:http://www.tsintel.com

On Tue, 26 Feb 2002 [EMAIL PROTECTED] wrote:

> DoD wipe, Norton Wipe, KO.
>
> Three passes for sensitive info. Seen KO and DoD used for higher than
that.
>
> And all three could have been the same program. They sure did look alike.
>
> No idea on price
>
> I can't find my link at the moment, but there used to be a link to a paper
> that went into painful detail how you could build your own -- oops!! found
> the link. Luck I remembered "Magnetic force scanning tunneling microscopy
> (STM)" Made the search pretty quick.
>
> This link tells you just how safe your old hard drive is. YOU have to
> determine how much effort YOU want to spend to be safe.
>
> If it was my hard drive with my excel spreadsheet of all my unreturned
> public library books (Which I do really intend to turn back in, some day
> when I return to the USA (Any lawyer types out there know the statute of
> limitations on overdue library books??)) I'd open the drive up and sand
off
> the magnetic media with an electric sander, then use an 8 pound fine
> alignment tool (sledgehammer) to reduce it to shards.
>
> The link, for those that held out:
>
>
http://www.usenix.org/publications/library/proceedings/sec96/full_papers/gut
> mann/
>
> When you read this, don't feel inferior. Uncle Peter Guttmann doesn't want
> you to feel that way; he's just oh so much more brilliant than most of us.
I
> sure felt humbled.
>
> D. Weiss
> CCNA/MCSE/SSP2
>
>
> -Original Message-
> From: Kevin Maute [mailto:[EMAIL PROTECTED]]
> Sent: Saturday, February 23, 2002 4:29 PM
> To: Sadler, Connie J; [EMAIL PROTECTED]
> Subject: Re: Unclassified Disk "Sanitizers"
>
>
> Connie,
>
> I found no (reasonably priced) utility when I looked at this about 2 years
> ago.  I was an Air Force contractor at the time and had much the same
> problem
> that you (probably) do.
>
> My solution was to develop a Linux based solution to do this.  The
advantage
> of
> this was it supports both SCSI and IDE disks and doesn't care what OS/Data
> is
> on the disk.
>
> There was also a document that dictated that for your needs you needed 3
> passes
> to "clear" the data and for more sensitive needs require 7 passes to
> "sanitize"
> the disk.
>
> Many people that are familiar with disk technologies feel this may not be
> enough but to do anything with the data that may still be on the disk
> requires
> fairly expensive hardware and lots of time...
>
> Kevi

Re: Unclassified Disk "Sanitizers"

[backoffmymachine]

Connie,

As I'm sure you are aware, Sensitive But Unclassified (SBU) data has a different 
standard for what constitutes "securely erased" than your garden variety data. As 
such, I normally recommend that people dealing with tasks such as yours contact their 
Inspector General (IG) office, CIO office, or whoever is in charge of the agency IT 
security and get a tool/procedure from them. Since you are submitting the question to 
the newsgroup I assume that you've already done this and they weren't of much help.

Of the tools mentioned in the list so far, I've suggested both autoclave and bcwipe to 
people before based on other agency's use of those programs. I also suggest that you 
may want to err on the safe side and use 7 passes to be thorough. If memory serves, 
seven passes is also the DoD standard (along with randomized non-sensitive data for 
the re-write).

Regards,

Bomm




>Does anyone have recommendations for freeware or shareware that effectively
>erases disks for unclassified but sensitive information? This would be used
>for all machines "retired" to school programs, etc. We need one for Windows
>and one for UNIX, if one tool can't clean both types of disks. Anybody have
>experience with this?
>
>Thank you!
>
>Connie


Hush provide the worlds most secure, easy to use online applications - which solution 
is right for you?
HushMail Secure Email http://www.hushmail.com/
HushDrive Secure Online Storage http://www.hushmail.com/hushdrive/
Hush Business - security for your Business http://www.hush.com/
Hush Enterprise - Secure Solutions for your Enterprise http://www.hush.com/

Looking for a good deal on a domain name? 
http://www.hush.com/partners/offers.cgi?id=domainpeople

Re: Unclassified Disk "Sanitizers"

[Richard Cotterell]

Ref: Brad <[EMAIL PROTECTED]>'s
   message dated 23 Feb 2002, 21:36 hours.

>-BEGIN PGP SIGNED MESSAGE-
>Hash: SHA1
>
>On 21 Feb 2002 at 17:30, Sadler, Connie J wrote:
>
>From:  "Sadler, Connie J" <[EMAIL PROTECTED]>
>To:[EMAIL PROTECTED]
>Subject:   Unclassified Disk "Sanitizers"
>Date sent: Thu, 21 Feb 2002 17:30:57 -0500
>
>> 
>> Does anyone have recommendations for freeware or shareware that effectively
>> erases disks for unclassified but sensitive information? This would be used
>> for all machines "retired" to school programs, etc. We need one for Windows
>> and one for UNIX, if one tool can't clean both types of disks. Anybody have
>> experience with this?
>> 
>> Thank you!
>> 
>> Connie
>
>
>Hi Connie and all
>
>The Cleaner from Sami Tolvanen is an excellent file wiper for Windows:
>
>http://www.tolvanen.com/eraser/
>
>It is freeware. Sorry, can't comment on UNIX tools.
>

Actually its name is ERASER and the current version is 5.3 (the last that will be 
issued).

One thing to remember running Windows, is that the Swap File does not get wiped out 
properly ever, so there is a security issue as to a forensic possibilty (high) to have 
a 
look at the information in that section of disk.

Either do one of two things here: [a] get yourself a swap file overwriter such as 
SWAPFOVE that works in conjunction with SCORCH, or [b] command Windows via Control 
Panel's System tab to drop using a swap file.  Should your system be low on RAM, then 
you 
will have to use, more than probable, a MS-DOS utility to erase information from disk 
in 
place of ERASER 5.3 because, perhaps, Windows will not be able to launch correctly.

--
Richard H. Cotterell  


If someone says 'can't,' that shows you what to do.
  -John Cage

RE: Unclassified Disk "Sanitizers"

[Sadler, Connie J]

But remember, it has to be "approved" based on unclassified government
standards.  ;-)

-Original Message-
From: Jared C. Lovell [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 27, 2002 11:18 AM
To: Sadler, Connie J
Cc: [EMAIL PROTECTED]
Subject: Re: Unclassified Disk "Sanitizers"



C'mon kids, why waste money just to destroy data?  It's easier than all
that.  Drop disk in question in a free unix box, then:

dd if=/dev/urandom of=/dev/daWhateverdisk 

If you're really paranoid, put it in a while true, run it all night.  It
takes longer than a blowtourch but get the drive just as hot and
delicious without the open flame. 

- Jared Lovell

On Thu, 21 Feb 2002, Sadler, Connie J wrote:

> 
> Does anyone have recommendations for freeware or shareware that
effectively
> erases disks for unclassified but sensitive information? This would be
used
> for all machines "retired" to school programs, etc. We need one for
Windows
> and one for UNIX, if one tool can't clean both types of disks. Anybody
have
> experience with this?
> 
> Thank you!
> 
> Connie
> 

Re: Unclassified Disk "Sanitizers"

[Jared C. Lovell]

C'mon kids, why waste money just to destroy data?  It's easier than all
that.  Drop disk in question in a free unix box, then:

dd if=/dev/urandom of=/dev/daWhateverdisk 

If you're really paranoid, put it in a while true, run it all night.  It
takes longer than a blowtourch but get the drive just as hot and
delicious without the open flame. 

- Jared Lovell

On Thu, 21 Feb 2002, Sadler, Connie J wrote:

> 
> Does anyone have recommendations for freeware or shareware that effectively
> erases disks for unclassified but sensitive information? This would be used
> for all machines "retired" to school programs, etc. We need one for Windows
> and one for UNIX, if one tool can't clean both types of disks. Anybody have
> experience with this?
> 
> Thank you!
> 
> Connie
> 

RE: Unclassified Disk "Sanitizers"

[Bob Dog]

>"Sadler, Connie J" wrote:
>
>> Does anyone have recommendations for freeware or shareware that
>effectively
>> erases disks for unclassified but sensitive information? This would be
>used
>> for all machines "retired" to school programs, etc. We need one for
>Windows
>> and one for UNIX, if one tool can't clean both types of disks. Anybody
>have
>> experience with this?
>>
>> Thank you!
>>
>> Connie

Since you said unclassified but sensitive I take you mean that
it is just information you would rather other people not see
and not some deathly important information.
All you should have to do is low level format the drive.
Heck, if you want, do it twice. This should be way way *more*
than enough for your purposes. You can get a low level formating
utility, in most cases, for free from the manufacturer's web site.
If you just low level format it, or twice, it would take a *HUGE*
amount of work to retrieve your data. 

_
Visit these sites today
Blink 182 Fan Site - www.blink182.co.nz
NZ Skateboarding - www.nzskate.com

_
You deserve a better email address! Get personalized email @yourname
or @yourcompany from Everyone.net --> http://www.everyone.net?tag

RE: Unclassified Disk "Sanitizers"

[John Daniele]

While taking a sledgehammer to a drive does sound quite therapeutic, I
would suggest rather, to look around for your local metal recycling
company. They will gladly take your old hard drives, monitors, Sun IPCs
(on second thought, instead send them over my way! :p) and mince them to
itty bitty peices for you! And in much smaller chunks than you could ever
possibly replicate with a sledgehammer.

www.resourcecon.com is one company that a few of my clients have used.

ttyl,
_
John Daniele
Technical Security & Intelligence
Toronto, ON
Voice:  (416) 605-2041
E-mail: [EMAIL PROTECTED]
Web:http://www.tsintel.com

On Tue, 26 Feb 2002 [EMAIL PROTECTED] wrote:

> DoD wipe, Norton Wipe, KO.
>
> Three passes for sensitive info. Seen KO and DoD used for higher than that.
>
> And all three could have been the same program. They sure did look alike.
>
> No idea on price
>
> I can't find my link at the moment, but there used to be a link to a paper
> that went into painful detail how you could build your own -- oops!! found
> the link. Luck I remembered "Magnetic force scanning tunneling microscopy
> (STM)" Made the search pretty quick.
>
> This link tells you just how safe your old hard drive is. YOU have to
> determine how much effort YOU want to spend to be safe.
>
> If it was my hard drive with my excel spreadsheet of all my unreturned
> public library books (Which I do really intend to turn back in, some day
> when I return to the USA (Any lawyer types out there know the statute of
> limitations on overdue library books??)) I'd open the drive up and sand off
> the magnetic media with an electric sander, then use an 8 pound fine
> alignment tool (sledgehammer) to reduce it to shards.
>
> The link, for those that held out:
>
> http://www.usenix.org/publications/library/proceedings/sec96/full_papers/gut
> mann/
>
> When you read this, don't feel inferior. Uncle Peter Guttmann doesn't want
> you to feel that way; he's just oh so much more brilliant than most of us. I
> sure felt humbled.
>
> D. Weiss
> CCNA/MCSE/SSP2
>
>
> -Original Message-----
> From: Kevin Maute [mailto:[EMAIL PROTECTED]]
> Sent: Saturday, February 23, 2002 4:29 PM
> To: Sadler, Connie J; [EMAIL PROTECTED]
> Subject: Re: Unclassified Disk "Sanitizers"
>
>
> Connie,
>
> I found no (reasonably priced) utility when I looked at this about 2 years
> ago.  I was an Air Force contractor at the time and had much the same
> problem
> that you (probably) do.
>
> My solution was to develop a Linux based solution to do this.  The advantage
> of
> this was it supports both SCSI and IDE disks and doesn't care what OS/Data
> is
> on the disk.
>
> There was also a document that dictated that for your needs you needed 3
> passes
> to "clear" the data and for more sensitive needs require 7 passes to
> "sanitize"
> the disk.
>
> Many people that are familiar with disk technologies feel this may not be
> enough but to do anything with the data that may still be on the disk
> requires
> fairly expensive hardware and lots of time...
>
> Kevin
>
>
> "Sadler, Connie J" wrote:
>
> > Does anyone have recommendations for freeware or shareware that
> effectively
> > erases disks for unclassified but sensitive information? This would be
> used
> > for all machines "retired" to school programs, etc. We need one for
> Windows
> > and one for UNIX, if one tool can't clean both types of disks. Anybody
> have
> > experience with this?
> >
> > Thank you!
> >
> > Connie
>
>
>
>
> --
> ++
> Kevin Maute
>
> Educating people on the avoidable carcinogens in their lives
> and how to replace them with safe, superior products.
>
> mailto:[EMAIL PROTECTED]
> http://www.ineways.com/kmaute
> http://www.newaysonline.com
> ++
>
>
>
>

Re: Unclassified Disk "Sanitizers"

[John Daniele]

hehe.. true., then again, STM can work wonders if you have the luxury of
unlimited time! ;-)

dd will work as well, realistically, data only has to be overwritten ONCE
to be unrecoverable using standard forensic methods!

_
John Daniele
Technical Security & Intelligence
Toronto, ON
Voice:  (416) 605-2041
E-mail: [EMAIL PROTECTED]
Web:http://www.tsintel.com

On Mon, 25 Feb 2002, Meritt James wrote:

> Sorta depends if you ever want to use it again.
>
> If not, a blowtorch would probably work nicely.
>
> --
> James W. Meritt CISSP, CISA
> Booz | Allen | Hamilton
> phone: (410) 684-6566
>

RE: Unclassified Disk "Sanitizers"

[Tester]

You can try Format Secure by East Technologies. 

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Monday, February 25, 2002 10:06 AM
To: Kevin Maute
Cc: [EMAIL PROTECTED]
Subject: Re: Unclassified Disk "Sanitizers"



  For the price of that kind of utility, you might as well physically
destroy the hdd's, and replace
them with new or used drives picked up at auction.  Price per gb at least
for IDE drives has gotten
cheap enough for this to be a plausible situation.  Just depends on how gone
you want that
information.




 

Kevin Maute

, 
pring.com>   [EMAIL PROTECTED]

 cc:

02/23/2002       Subject:     Re: Unclassified Disk
"Sanitizers"   
09:29 AM

 

 





Connie,

I found no (reasonably priced) utility when I looked at this about 2 years
ago.  I was an Air Force contractor at the time and had much the same
problem
that you (probably) do.

My solution was to develop a Linux based solution to do this.  The advantage
of
this was it supports both SCSI and IDE disks and doesn't care what OS/Data
is
on the disk.

There was also a document that dictated that for your needs you needed 3
passes
to "clear" the data and for more sensitive needs require 7 passes to
"sanitize"
the disk.

Many people that are familiar with disk technologies feel this may not be
enough but to do anything with the data that may still be on the disk
requires
fairly expensive hardware and lots of time...

Kevin


"Sadler, Connie J" wrote:

> Does anyone have recommendations for freeware or shareware that
effectively
> erases disks for unclassified but sensitive information? This would be
used
> for all machines "retired" to school programs, etc. We need one for
Windows
> and one for UNIX, if one tool can't clean both types of disks. Anybody
have
> experience with this?
>
> Thank you!
>
> Connie




--
++
Kevin Maute

Educating people on the avoidable carcinogens in their lives
and how to replace them with safe, superior products.

mailto:[EMAIL PROTECTED]
http://www.ineways.com/kmaute
http://www.newaysonline.com
++

RE: Unclassified Disk "Sanitizers"

[dieter . scholtyssek]

There is someone looking for beta testers for such a product in a forum
here... http://www.timebomb2000.com/vb/showthread.php?s=&threadid=22741

Sounds like a product that would be interesting to us...

Dieter



   
  
   
  
"Eric Dumbaugh"To: "Kevin Maute" 
<[EMAIL PROTECTED]>, "Sadler, Connie J" 
, 
[EMAIL PROTECTED]  
dcomp.com> cc: (bcc: Dieter 
Scholtyssek/CONTRACTOR/7BC/R07/GSA/GOV)  
           Subject: RE: Unclassified Disk 
"Sanitizers"   
02/25/2002 
  
11:48 AM   
  
   
  
   
  




Get a big powered magnet from Radio Shack.

-Original Message-
From: Kevin Maute [mailto:[EMAIL PROTECTED]]
Sent: Saturday, February 23, 2002 10:29 AM
To: Sadler, Connie J; [EMAIL PROTECTED]
Subject: Re: Unclassified Disk "Sanitizers"

Connie,

I found no (reasonably priced) utility when I looked at this about 2
years
ago.  I was an Air Force contractor at the time and had much the same
problem
that you (probably) do.

My solution was to develop a Linux based solution to do this.  The
advantage of
this was it supports both SCSI and IDE disks and doesn't care what
OS/Data is
on the disk.

There was also a document that dictated that for your needs you needed 3
passes
to "clear" the data and for more sensitive needs require 7 passes to
"sanitize"
the disk.

Many people that are familiar with disk technologies feel this may not
be
enough but to do anything with the data that may still be on the disk
requires
fairly expensive hardware and lots of time...

Kevin


"Sadler, Connie J" wrote:

> Does anyone have recommendations for freeware or shareware that
effectively
> erases disks for unclassified but sensitive information? This would be
used
> for all machines "retired" to school programs, etc. We need one for
Windows
> and one for UNIX, if one tool can't clean both types of disks. Anybody
have
> experience with this?
>
> Thank you!
>
> Connie




--
++
Kevin Maute

Educating people on the avoidable carcinogens in their lives
and how to replace them with safe, superior products.

mailto:[EMAIL PROTECTED]
http://www.ineways.com/kmaute
http://www.newaysonline.com
++

RE: Unclassified Disk "Sanitizers"

[Harris Samuel W PORT]

I am really disappointed in the continuing answer "use Google" or
use something else. All of the people on this list know how to use a search
engine. What the beginners are asking is for advice on which ones are good
sites and which ones are bad. I remember the trouble I had finding good
sites. My time was very limited and I needed to concentrate on getting the
best info in the little time available to me. This is Security BASICS after
all. There are a lot of beginners on this list and understandably there will
be a lot of duplication of questions and answers. What were you people like
in the beginning of your studies. I am sure we are all alike. I knew next to
nothing and thanks to a great bunch of people I was able to gather a lot of
info despite  thanks to the "use Google" crowd. 

Samuel Harris
A+, MCP, Networking Certificate, Phi Theta Kappa
Portsmouth Naval Shipyard
Portsmouth , NH 03801
(207) 438-1275


-Original Message-
From: Phil Park [mailto:[EMAIL PROTECTED]]
Sent: Saturday, February 23, 2002 10:50 AM
To: Sadler, Connie J
Cc: [EMAIL PROTECTED]
Subject: Re: Unclassified Disk "Sanitizers"


-BEGIN PGP SIGNED MESSAGE-

PGP (go to www.pgpi.org) has a wipe feature. The Windows version will wipe
files and free space as well.

You can also go to google and search for "secure delete".

thx
- --phil
- --
phil park
system administrator
[EMAIL PROTECTED]
208.885.5562 (phone)
208.885.7099 (fax)
419.730.3247 (e-fax)
http://www.csds.uidaho.edu

On Thu, 21 Feb 2002, Sadler, Connie J wrote:

>
> Does anyone have recommendations for freeware or shareware that
effectively
> erases disks for unclassified but sensitive information? This would be
used
> for all machines "retired" to school programs, etc. We need one for
Windows
> and one for UNIX, if one tool can't clean both types of disks. Anybody
have
> experience with this?
>
> Thank you!
>
> Connie
>

-BEGIN PGP SIGNATURE-
Version: PGP 6.5.8

iQEVAwUBPHe58FDd4eFw884XAQEZ9wf+PjDitYEWW8ctMhXEPRZbFscGXwOGSN+Q
psrqZtKT86Mw3wlQJHtIS0n8ClN4vshytnFy1KOhrAHTHmPnfdAimxUOXd8Fhwpv
55cv/2DdvBZn58QJXUQsAVekNZXDnwX79kcKwHFtWBv/bAGOvP+EZI3nsZsElOkh
a+N0VWhuVwYfjE0z8I6EcH2FTXZ8dw7JMmvvV55ijy2KrO2wEGSpbnCD9nHwety4
K+8N8u/3j469uO0PZXGSFmQ6HBDclz0eWdrYyf0pUZevggZmIDuxbz5XCJw9s0FE
qIlAsBX57YcpFEYRY5WCHncA+o8V33s/jh/nllxpKlF80YRrBrG0bg==
=qP3v
-END PGP SIGNATURE-

Re: Unclassified Disk "Sanitizers"

[George Chip Smith]

If you are using anything, I would use bcwipe (i know there is a unix 
version, unknow about windows though), it has been approved by the DOD 
for wiping disks and makes any data recovery from wiped disks virtually 
impossible (by virtue of the way it works).
--Chip

[EMAIL PROTECTED] wrote:

> Try:
> 
> http://www.tolvanen.com/eraser/
> 
> For Windows.
> 
> James
> 
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, February 21, 2002 3:31 PM
> To: [EMAIL PROTECTED]
> Cc: [EMAIL PROTECTED]
> Subject: Unclassified Disk "Sanitizers"
> 
> 
> 
> Does anyone have recommendations for freeware or shareware that
> effectively
> erases disks for unclassified but sensitive information? This would be
> used
> for all machines "retired" to school programs, etc. We need one for
> Windows
> and one for UNIX, if one tool can't clean both types of disks. Anybody
> have
> experience with this?
> 
> Thank you!
> 
> Connie
> 


-- 
This is your world ... you can live for yourself today  or  
help build tomorrow for everyone. -- VNV Nation, Foreward
*
*  George 'Chip' Smith*Lawrence Berkeley Lab*
*  [EMAIL PROTECTED]*National Energy Research *
*  (510) 495-2674 *Scientific Computing Center  *
*

RE: Unclassified Disk "Sanitizers"

[Eric Dumbaugh]

Get a big powered magnet from Radio Shack.

-Original Message-
From: Kevin Maute [mailto:[EMAIL PROTECTED]] 
Sent: Saturday, February 23, 2002 10:29 AM
To: Sadler, Connie J; [EMAIL PROTECTED]
Subject: Re: Unclassified Disk "Sanitizers"

Connie,

I found no (reasonably priced) utility when I looked at this about 2
years
ago.  I was an Air Force contractor at the time and had much the same
problem
that you (probably) do.

My solution was to develop a Linux based solution to do this.  The
advantage of
this was it supports both SCSI and IDE disks and doesn't care what
OS/Data is
on the disk.

There was also a document that dictated that for your needs you needed 3
passes
to "clear" the data and for more sensitive needs require 7 passes to
"sanitize"
the disk.

Many people that are familiar with disk technologies feel this may not
be
enough but to do anything with the data that may still be on the disk
requires
fairly expensive hardware and lots of time...

Kevin


"Sadler, Connie J" wrote:

> Does anyone have recommendations for freeware or shareware that
effectively
> erases disks for unclassified but sensitive information? This would be
used
> for all machines "retired" to school programs, etc. We need one for
Windows
> and one for UNIX, if one tool can't clean both types of disks. Anybody
have
> experience with this?
>
> Thank you!
>
> Connie




--
++
Kevin Maute

Educating people on the avoidable carcinogens in their lives
and how to replace them with safe, superior products.

mailto:[EMAIL PROTECTED]
http://www.ineways.com/kmaute
http://www.newaysonline.com
++

RE: Unclassified Disk "Sanitizers"

[David]

DoD wipe, Norton Wipe, KO.

Three passes for sensitive info. Seen KO and DoD used for higher than that.

And all three could have been the same program. They sure did look alike.

No idea on price

I can't find my link at the moment, but there used to be a link to a paper
that went into painful detail how you could build your own -- oops!! found
the link. Luck I remembered "Magnetic force scanning tunneling microscopy
(STM)" Made the search pretty quick.

This link tells you just how safe your old hard drive is. YOU have to
determine how much effort YOU want to spend to be safe.

If it was my hard drive with my excel spreadsheet of all my unreturned
public library books (Which I do really intend to turn back in, some day
when I return to the USA (Any lawyer types out there know the statute of
limitations on overdue library books??)) I'd open the drive up and sand off
the magnetic media with an electric sander, then use an 8 pound fine
alignment tool (sledgehammer) to reduce it to shards.

The link, for those that held out:

http://www.usenix.org/publications/library/proceedings/sec96/full_papers/gut
mann/

When you read this, don't feel inferior. Uncle Peter Guttmann doesn't want
you to feel that way; he's just oh so much more brilliant than most of us. I
sure felt humbled.

D. Weiss
CCNA/MCSE/SSP2


-Original Message-
From: Kevin Maute [mailto:[EMAIL PROTECTED]]
Sent: Saturday, February 23, 2002 4:29 PM
To: Sadler, Connie J; [EMAIL PROTECTED]
Subject: Re: Unclassified Disk "Sanitizers"


Connie,

I found no (reasonably priced) utility when I looked at this about 2 years
ago.  I was an Air Force contractor at the time and had much the same
problem
that you (probably) do.

My solution was to develop a Linux based solution to do this.  The advantage
of
this was it supports both SCSI and IDE disks and doesn't care what OS/Data
is
on the disk.

There was also a document that dictated that for your needs you needed 3
passes
to "clear" the data and for more sensitive needs require 7 passes to
"sanitize"
the disk.

Many people that are familiar with disk technologies feel this may not be
enough but to do anything with the data that may still be on the disk
requires
fairly expensive hardware and lots of time...

Kevin


"Sadler, Connie J" wrote:

> Does anyone have recommendations for freeware or shareware that
effectively
> erases disks for unclassified but sensitive information? This would be
used
> for all machines "retired" to school programs, etc. We need one for
Windows
> and one for UNIX, if one tool can't clean both types of disks. Anybody
have
> experience with this?
>
> Thank you!
>
> Connie




--
++
Kevin Maute

Educating people on the avoidable carcinogens in their lives
and how to replace them with safe, superior products.

mailto:[EMAIL PROTECTED]
http://www.ineways.com/kmaute
http://www.newaysonline.com
++

RE: Unclassified Disk "Sanitizers"

[Mike Donovan]

I would recommend the "Security and Encryption FAQ Revision 16.1" by Dr. 
WhoThis is a recent revision and is quite good. A keeper. It is a good 
introduction to *applied* encryption focusing on tools, etc. You can find it 
all over the web, but here's a URL where the latest revision can be found:
http://www.privacy.li/security_faq.htm
Anything more than an introduction, email me and I'll send you a good list of 
books.
Good Luck!
Mike Donovan

Re: Unclassified Disk "Sanitizers"

[Cavell . McDermott]

  For the price of that kind of utility, you might as well physically destroy the 
hdd's, and replace
them with new or used drives picked up at auction.  Price per gb at least for IDE 
drives has gotten
cheap enough for this to be a plausible situation.  Just depends on how gone you want 
that
information.




   

Kevin Maute

, 

pring.com>   [EMAIL PROTECTED] 

 cc:   

02/23/2002   Subject: Re: Unclassified Disk 
"Sanitizers"   
09:29 AM   

   

   





Connie,

I found no (reasonably priced) utility when I looked at this about 2 years
ago.  I was an Air Force contractor at the time and had much the same problem
that you (probably) do.

My solution was to develop a Linux based solution to do this.  The advantage of
this was it supports both SCSI and IDE disks and doesn't care what OS/Data is
on the disk.

There was also a document that dictated that for your needs you needed 3 passes
to "clear" the data and for more sensitive needs require 7 passes to "sanitize"
the disk.

Many people that are familiar with disk technologies feel this may not be
enough but to do anything with the data that may still be on the disk requires
fairly expensive hardware and lots of time...

Kevin


"Sadler, Connie J" wrote:

> Does anyone have recommendations for freeware or shareware that effectively
> erases disks for unclassified but sensitive information? This would be used
> for all machines "retired" to school programs, etc. We need one for Windows
> and one for UNIX, if one tool can't clean both types of disks. Anybody have
> experience with this?
>
> Thank you!
>
> Connie




--
++
Kevin Maute

Educating people on the avoidable carcinogens in their lives
and how to replace them with safe, superior products.

mailto:[EMAIL PROTECTED]
http://www.ineways.com/kmaute
http://www.newaysonline.com
++

Re: Unclassified Disk "Sanitizers"

[Meritt James]

Sorta depends if you ever want to use it again.

If not, a blowtorch would probably work nicely.

-- 
James W. Meritt CISSP, CISA
Booz | Allen | Hamilton
phone: (410) 684-6566

RE: Unclassified Disk "Sanitizers"

[James . Petrie]

Try:

http://www.tolvanen.com/eraser/

For Windows.

James

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 21, 2002 3:31 PM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Unclassified Disk "Sanitizers"



Does anyone have recommendations for freeware or shareware that
effectively
erases disks for unclassified but sensitive information? This would be
used
for all machines "retired" to school programs, etc. We need one for
Windows
and one for UNIX, if one tool can't clean both types of disks. Anybody
have
experience with this?

Thank you!

Connie

Re: Unclassified Disk "Sanitizers"

[Phil Park]

-BEGIN PGP SIGNED MESSAGE-

PGP (go to www.pgpi.org) has a wipe feature. The Windows version will wipe files and 
free space as well.

You can also go to google and search for "secure delete".

thx
- --phil
- --
phil park
system administrator
[EMAIL PROTECTED]
208.885.5562 (phone)
208.885.7099 (fax)
419.730.3247 (e-fax)
http://www.csds.uidaho.edu

On Thu, 21 Feb 2002, Sadler, Connie J wrote:

>
> Does anyone have recommendations for freeware or shareware that effectively
> erases disks for unclassified but sensitive information? This would be used
> for all machines "retired" to school programs, etc. We need one for Windows
> and one for UNIX, if one tool can't clean both types of disks. Anybody have
> experience with this?
>
> Thank you!
>
> Connie
>

-BEGIN PGP SIGNATURE-
Version: PGP 6.5.8

iQEVAwUBPHe58FDd4eFw884XAQEZ9wf+PjDitYEWW8ctMhXEPRZbFscGXwOGSN+Q
psrqZtKT86Mw3wlQJHtIS0n8ClN4vshytnFy1KOhrAHTHmPnfdAimxUOXd8Fhwpv
55cv/2DdvBZn58QJXUQsAVekNZXDnwX79kcKwHFtWBv/bAGOvP+EZI3nsZsElOkh
a+N0VWhuVwYfjE0z8I6EcH2FTXZ8dw7JMmvvV55ijy2KrO2wEGSpbnCD9nHwety4
K+8N8u/3j469uO0PZXGSFmQ6HBDclz0eWdrYyf0pUZevggZmIDuxbz5XCJw9s0FE
qIlAsBX57YcpFEYRY5WCHncA+o8V33s/jh/nllxpKlF80YRrBrG0bg==
=qP3v
-END PGP SIGNATURE-

Re: Unclassified Disk "Sanitizers"

[Greg Rolling]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

We use a program called GWSCAN that comes on Gateway restore disks.  You 
can download it from 

http://www.gateway.com/support/drivers/search.asp?strSearch=gwscan&searchType=all

I just put it on a bootable floppy and run it from there.

- --Greg

On Thu, 21 Feb 2002, Sadler, Connie J wrote:
> Does anyone have recommendations for freeware or shareware that effectively
> erases disks for unclassified but sensitive information? This would be used
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE8eFiEEcEnk+U0Hj8RAvmsAJsGi0HCyFqJtarOKq7prJ5AmD2OOQCZASgz
PJugy42o35pzo3xwmabtmFw=
=FcWM
-END PGP SIGNATURE-

Re: Unclassified Disk "Sanitizers"

[Thomas Sjogren]

checkout Autoclave (http://staff.washington.edu/jdlarios/autoclave/) it runs 
on a bootable floppy and wipes the entire hdd. 

> Does anyone have recommendations for freeware or shareware that effectively
> erases disks for unclassified but sensitive information? This would be used
> for all machines "retired" to school programs, etc. We need one for Windows
> and one for UNIX, if one tool can't clean both types of disks. Anybody have
> experience with this?

/Thomas
-- 
[EMAIL PROTECTED] | www.northernsecurity.net
PGP: 4315 81B3 9E7F DC00 63DC F1D8 1326 651B AADE 91FC

Re: Unclassified Disk "Sanitizers"

[Brad]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 21 Feb 2002 at 17:30, Sadler, Connie J wrote:

From:   "Sadler, Connie J" <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject:Unclassified Disk "Sanitizers"
Date sent:  Thu, 21 Feb 2002 17:30:57 -0500

> 
> Does anyone have recommendations for freeware or shareware that effectively
> erases disks for unclassified but sensitive information? This would be used
> for all machines "retired" to school programs, etc. We need one for Windows
> and one for UNIX, if one tool can't clean both types of disks. Anybody have
> experience with this?
> 
> Thank you!
> 
> Connie


Hi Connie and all

The Cleaner from Sami Tolvanen is an excellent file wiper for Windows:

http://www.tolvanen.com/eraser/

It is freeware. Sorry, can't comment on UNIX tools.

Cheers,
Brad


- -- 

Brad Griffin
Gryphonn Design
Computer Security Solutions
Custom designed systems
Ph: 0409057865/(07)4922 2589
Rockhampton QLD 4700
ABN: 12 095 821 961
[EMAIL PROTECTED]
***


-BEGIN PGP SIGNATURE-
Version: PGP 7.0.4 -- QDPGP 2.65 
Comment: Check ldap://europe.keys.pgp.com:11370 for public key.

iQA/AwUBPHd+1Q1FNrB3xRVMEQKuzgCfUEKhg/TNLL/qCnUukVuVGJ6pa7wAn3xf
9fkSTNsWcgPi967RActUnHbR
=zoEn
-END PGP SIGNATURE-

RE: Unclassified Disk "Sanitizers"

[Mike Donovan]

Hello, Connie,

I have been doing a lot of this lately on Windows for just the purpose you are 
decribing. I highly recommend WipeFree. It is, of course, a DOS program that 
sanitizes the disk allowing you to select number of wipes, etc.
You can find it at:
http://www.uwe-sieber.de/util_e.html
It is under the "DOS Disk- and File Tools, CD-ROM-Drivers" section.
WipeFree does a fine job -- and did I mention it is free?

Another option, (not free), may be better if you want a sanitizer to wipe data 
from Unix as well. It is an excellent program from OnTrack called, 
"DataEraser"...the personal edition is $29.95. Professional edition is 
$500.00. Big difference. The Pro version prints out certificates of 
verification and a few other things that are not necessary for what you're 
doing. DataEraser runs independently of the operating system so can be used no 
matter what OS is installed. It can be purchased online from OnTrack. You can 
find this program at:
http://www.ontrack.com/dataeraser/
Frankly, since you do have both platforms to sanitize - I would spend the $30 
and purchase DataEraser. The WipeFree I mentioned if you were concerned with 
dollars!

Good luck,
Mike Donovan








>= Original Message From "Sadler, Connie J" <[EMAIL PROTECTED]> =
>Does anyone have recommendations for freeware or shareware that effectively
>erases disks for unclassified but sensitive information? This would be used
>for all machines "retired" to school programs, etc. We need one for Windows
>and one for UNIX, if one tool can't clean both types of disks. Anybody have
>experience with this?
>
>Thank you!
>
>Connie

Re: Unclassified Disk "Sanitizers"

[Kevin Maute]

Connie,

I found no (reasonably priced) utility when I looked at this about 2 years
ago.  I was an Air Force contractor at the time and had much the same problem
that you (probably) do.

My solution was to develop a Linux based solution to do this.  The advantage of
this was it supports both SCSI and IDE disks and doesn't care what OS/Data is
on the disk.

There was also a document that dictated that for your needs you needed 3 passes
to "clear" the data and for more sensitive needs require 7 passes to "sanitize"
the disk.

Many people that are familiar with disk technologies feel this may not be
enough but to do anything with the data that may still be on the disk requires
fairly expensive hardware and lots of time...

Kevin


"Sadler, Connie J" wrote:

> Does anyone have recommendations for freeware or shareware that effectively
> erases disks for unclassified but sensitive information? This would be used
> for all machines "retired" to school programs, etc. We need one for Windows
> and one for UNIX, if one tool can't clean both types of disks. Anybody have
> experience with this?
>
> Thank you!
>
> Connie




--
++
Kevin Maute

Educating people on the avoidable carcinogens in their lives
and how to replace them with safe, superior products.

mailto:[EMAIL PROTECTED]
http://www.ineways.com/kmaute
http://www.newaysonline.com
++