Re: Interesting One

["Meritt James" <meritt_james () bah com>]

The only thing that I would add is that total physical destruction works
real, real well and is preferred if you don't plan on using it again.  A
furnace works really well and has other uses.  (Plastic burns good)

Jim

Dan Darden wrote:
> I have never seen the process done, however have heard similar statements.
> I am told the tool that is used is known as a magnetic microscope.  The
> theory behind this is that a bit on a disk takes up much more space than a
> single atom of magnetic material does.  The fact that the magnetic material
> consists of layer upon layer of macro-atomic MOS-type material allows the
> microsocope to zoom in on a particular layer.
>
> AS you can image, the device by nature would be super-sensitive, and I'm
> sure somewhat error prone, but with the right calibration and mechanics
> should be in theory quite reliable over time.
>
> I do not have any information as to a brand name of device, but perhaps I
> have given you some information to start with.  Tools such as Norton's GW
> (government write) have been made to eliminate a forensic scientists ability
> to recover the data.  The GW tools can write a disk 100+ times over with a
> single character, thus erasing all traces of residual disk write activity.
>
> Also, over time, environmental factors can cause magnetic molecules to shift
> on their own, which is partly the cause of some errors on hard disks which
> have remained inactive over very long periods.  Any one else have any
> rebuttals or comments to add?  If so I would appreciate it.  Hope I am not
> totally out in the blue here, but this is just what I have heard and picked
> up over the years on the topic.  I would love as I am sure Dave would also,
> to be able to see one of these machines in action.
>
> Sincerely,
> Dan Darden.
>
> ===========================================
> Email dld2517 () yahoo com for your security
> questions and information.
>
> Hoax Info: http://hoaxbusters.ciac.org
>
> ===========================================
> "Everyday I beat my own personal record for
> number of consecutive days I've stayed
> alive" -- Author Unknown
> ===========================================
>
> -----Original Message-----
> From: Dave Adams [mailto:dadams () johncrowley co uk]
> Sent: Monday, October 28, 2002 4:06 PM
> To: security-basics () security-focus com
> Subject: Interesting One
>
> Greetings Folks,
>
> I had an interesting conversation today with someone from FAST
> (Federation
> Against Software Theft) They pretend not to be a snitch wing of the BSA.
> Anyway, to get to the point, the guy that came to see me said that their
> forensics guys could read data off a hard drive that had been written
> over
> up to thirty times. I find this very hard to believe and told him I
> thought
> he was mistaken but the guy was adamant that it could be done. My
> question
> is, does anyone have any views on this, or, can anyone point me to a
> source
> of information where I can get the facts on exactly how much data can be
> retrieved off a hard drive and under what conditions etc etc.
>
> Thanks
>
> Dave Adams
>
> This message (and any associated files) is intended only for the
> use of the individual or entity to which it is addressed and may
> contain information that is confidential, subject to copyright or
> constitutes a trade secret. If you are not the intended recipient
> you are hereby notified that any dissemination, copying or
> distribution of this message, or files associated with this message,
> is strictly prohibited. If you have received this message in error,
> please notify us immediately by replying to the message and deleting
> it from your computer. Messages sent to and from
> John Crowley (Maidstone) Ltd may be monitored.
>
> Internet communications cannot be guaranteed to be secure or error-free
> as information could be intercepted, corrupted, lost, destroyed, arrive
> late or incomplete, or contain viruses. Therefore, we do not accept
> responsibility for any errors or omissions that are present in this
> message, or any attachment, that have arisen as a result of e-mail
> transmission. If verification is required, please request a hard-copy
> version. Any views or opinions presented are solely those of the author
> and do not necessarily represent those of John Crowley (Maidstone) Ltd.

-- 
James W. Meritt CISSP, CISA
Booz | Allen | Hamilton
phone: (410) 684-6566