Security Basics mailing list archives

RE: Interesting One

From: "maillist" <maillist () avoiderman com>
Date: Wed, 30 Oct 2002 06:45:15 -0000

I disagree with you both - the NSA standard for a drive that will be
recycled is a nine-pass wipe ... involving pseudo-random data, 0s and 1s ...
preferably in a non-predictable order ...

Reading after thirty overwrites is just scare mongering.  Depending on the
media it might just be possible on some drives (where the heads have moved
over time) ... but the kit to read from drives after just a couple of wipes
is expensive, and usually just the provision of government types ...

Avoiderman

-----Original Message-----
From: Nero, Nick [mailto:Nick.Nero () disney com]
Sent: 29 October 2002 17:30
To: Dave Adams; security-basics () security-focus com
Subject: RE: Interesting One

Well, the NSA standard I believe is that zero-filling a drive (writing
all 0's to the platter) will make the data impossible to recover, but I
am sure there are some instances when this isn't the cause depending on
how retentive the media is and all that.  If is electromagnetically
degaussed for an extended period of time, I can't imagine anything could
recover the data.

Nick Nero, CISSP

-----Original Message-----
From: Dave Adams [mailto:dadams () johncrowley co uk]
Sent: Monday, October 28, 2002 5:06 PM
To: security-basics () security-focus com
Subject: Interesting One

Greetings Folks,

I had an interesting conversation today with someone from FAST
(Federation Against Software Theft) They pretend not to be a snitch wing
of the BSA. Anyway, to get to the point, the guy that came to see me
said that their forensics guys could read data off a hard drive that had
been written over up to thirty times. I find this very hard to believe
and told him I thought he was mistaken but the guy was adamant that it
could be done. My question is, does anyone have any views on this, or,
can anyone point me to a source of information where I can get the facts
on exactly how much data can be retrieved off a hard drive and under
what conditions etc etc.

Thanks

Dave Adams

Current thread:

Re: Interesting One, (continued)
- Re: Interesting One Reece Arnott (Oct 30)
- Re: Interesting One Thomas Sjögren (Oct 30)
  - RE: Interesting One Chris Chandler (Oct 31)
- RE: Interesting One Shayla Anthony (Oct 30)
- RE: Interesting One Dan Darden (Oct 30)
  - Re: Interesting One Meritt James (Oct 31)
- R: Interesting One Alessandro Bottonelli (Oct 30)
- Re: Interesting One Joe Yong (Oct 29)
- RE: Interesting One Nero, Nick (Oct 29)
  - Re: Interesting One Joe Barrett (Oct 30)
  - RE: Interesting One maillist (Oct 30)
    - Re: Interesting One Vlad (Oct 31)
  - RE: Interesting One reading a 30x over-written drive Tim - IBL (Oct 30)
  - RE: Interesting One Carl Grayson (Oct 30)
  - Re: Interesting One Meritt James (Oct 30)
- Re: Interesting One John Orr (Oct 29)
  - Re: Interesting One Brad (Oct 30)
  - RE: Interesting One Dan Darden (Oct 30)
  - Re: Interesting One John Dow (Oct 30)
    - RE: Interesting One Mark Ribbans (Oct 31)
  - Re: Interesting One Jac (Oct 31)

(Thread continues...)