Re: Interesting One

[James Taylor <james_n_taylor () yahoo com>]

The CISSP Study Guide (ISBN 0-471-41356-9) states that:

"Information on magnetic media is typically 'destroyed' by
degaussing or overwriting. Formatting a disk once dones not
completly destroy all data, the entire media must be
overwritten or formatted seven times to conform to
standards for object reuse".

Also the above book states that "the Orange Book standard
reccommends that magnetic media be formatted seven times
before discard or reuse of media".

So if the US gov't reccommends seven times, you can bet
that they have technology that can read to a lower level
than that! However 30 times seems a bit excessive and it
must depend on the nature of the data being overwritten and
what area's of the media have been completly destroyed. At
that level I imagine it's something like guessing the
picture from a 10000 piece jigsaw puzzle, with most of the
pieces missing.

Regards
James


--- Carol Stone <carol () carolstone com> wrote:
> I don't know much about this, but yesterday I read in one
> of the later 
> chapters of Bruce Schneier's book, "Secrets and Lies,"
> (link to amazon 
> follows) that over-writing data on a disk does *not*
> completely 
> obliterate it, it just makes it a lot more difficult to
> recover with 
> each over-write. I believe he said just how many
> re-writes were still 
> recoverable was a secret one of our governmental
> organizations wasn't 
> about to give up.  I'll look at my book later when I have
> it in my 
> hands and see if I can't find part and post a pointer to
> *his* 
> reference.
>
> -carol
>
> http://www.amazon.com/exec/obidos/tg/detail/-
/0471253111/qid=1035924654/sr=8-3/ref=sr_8_3/104-4454644-5987143?
> v=glance&n=507846
>
> > Greetings Folks,
> >
> > I had an interesting conversation today with someone
> from FAST
> > (Federation
> > Against Software Theft) They pretend not to be a snitch
> wing of the 
> BSA.
> > Anyway, to get to the point, the guy that came to see
> me said that 
> their
> > forensics guys could read data off a hard drive that
> had been written
> > over
> > up to thirty times. I find this very hard to believe
> and told him I
> > thought
> > he was mistaken but the guy was adamant that it could
> be done. My
> > question
> > is, does anyone have any views on this, or, can anyone
> point me to a
> > source
> > of information where I can get the facts on exactly how
> much data can 
> be
> > retrieved off a hard drive and under what conditions
> etc etc.
> > Thanks
> >
> > Dave Adams
> >  
> >  
> >  
> > This message (and any associated files) is intended
> only for the 
> > use of the individual or entity to which it is
> addressed and may 
> > contain information that is confidential, subject to
> copyright or
> > constitutes a trade secret. If you are not the intended
> recipient 
> > you are hereby notified that any dissemination, copying
> or 
> > distribution of this message, or files associated with
> this message, 
> > is strictly prohibited. If you have received this
> message in error, 
> > please notify us immediately by replying to the message
> and deleting 
> > it from your computer. Messages sent to and from 
> > John Crowley (Maidstone) Ltd may be monitored. 
> >
> > Internet communications cannot be guaranteed to be
> secure or error-
> free 
> > as information could be intercepted, corrupted, lost,
> destroyed, 
> arrive 
> > late or incomplete, or contain viruses. Therefore, we
> do not accept 
> > responsibility for any errors or omissions that are
> present in this 
> > message, or any attachment, that have arisen as a
> result of e-mail 
> > transmission. If verification is required, please
> request a hard-copy 
> > version. Any views or opinions presented are solely
> those of the 
> author 
> > and do not necessarily represent those of John Crowley
> (Maidstone) 
> Ltd.
> >
>
> --
> Real people for the virtual world.
> http://www.elirion.net


__________________________________________________
Do you Yahoo!?
HotJobs - Search new jobs daily now
http://hotjobs.yahoo.com/