Security Basics mailing list archives
Re: Interesting One
From: "Meritt James" <meritt_james () bah com>
Date: Wed, 30 Oct 2002 13:32:48 -0500
The only thing that I would add is that total physical destruction works real, real well and is preferred if you don't plan on using it again. A furnace works really well and has other uses. (Plastic burns good) Jim Dan Darden wrote:
I have never seen the process done, however have heard similar statements. I am told the tool that is used is known as a magnetic microscope. The theory behind this is that a bit on a disk takes up much more space than a single atom of magnetic material does. The fact that the magnetic material consists of layer upon layer of macro-atomic MOS-type material allows the microsocope to zoom in on a particular layer. AS you can image, the device by nature would be super-sensitive, and I'm sure somewhat error prone, but with the right calibration and mechanics should be in theory quite reliable over time. I do not have any information as to a brand name of device, but perhaps I have given you some information to start with. Tools such as Norton's GW (government write) have been made to eliminate a forensic scientists ability to recover the data. The GW tools can write a disk 100+ times over with a single character, thus erasing all traces of residual disk write activity. Also, over time, environmental factors can cause magnetic molecules to shift on their own, which is partly the cause of some errors on hard disks which have remained inactive over very long periods. Any one else have any rebuttals or comments to add? If so I would appreciate it. Hope I am not totally out in the blue here, but this is just what I have heard and picked up over the years on the topic. I would love as I am sure Dave would also, to be able to see one of these machines in action. Sincerely, Dan Darden. =========================================== Email dld2517 () yahoo com for your security questions and information. Hoax Info: http://hoaxbusters.ciac.org =========================================== "Everyday I beat my own personal record for number of consecutive days I've stayed alive" -- Author Unknown =========================================== -----Original Message----- From: Dave Adams [mailto:dadams () johncrowley co uk] Sent: Monday, October 28, 2002 4:06 PM To: security-basics () security-focus com Subject: Interesting One Greetings Folks, I had an interesting conversation today with someone from FAST (Federation Against Software Theft) They pretend not to be a snitch wing of the BSA. Anyway, to get to the point, the guy that came to see me said that their forensics guys could read data off a hard drive that had been written over up to thirty times. I find this very hard to believe and told him I thought he was mistaken but the guy was adamant that it could be done. My question is, does anyone have any views on this, or, can anyone point me to a source of information where I can get the facts on exactly how much data can be retrieved off a hard drive and under what conditions etc etc. Thanks Dave Adams This message (and any associated files) is intended only for the use of the individual or entity to which it is addressed and may contain information that is confidential, subject to copyright or constitutes a trade secret. If you are not the intended recipient you are hereby notified that any dissemination, copying or distribution of this message, or files associated with this message, is strictly prohibited. If you have received this message in error, please notify us immediately by replying to the message and deleting it from your computer. Messages sent to and from John Crowley (Maidstone) Ltd may be monitored. Internet communications cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. Therefore, we do not accept responsibility for any errors or omissions that are present in this message, or any attachment, that have arisen as a result of e-mail transmission. If verification is required, please request a hard-copy version. Any views or opinions presented are solely those of the author and do not necessarily represent those of John Crowley (Maidstone) Ltd.
-- James W. Meritt CISSP, CISA Booz | Allen | Hamilton phone: (410) 684-6566
Current thread:
- Interesting One Dave Adams (Oct 29)
- RE: Interesting One Michael Cunningham (Oct 29)
- RE: Interesting One Dora Furlong (Oct 30)
- RE: Interesting One Rory Savage (Oct 30)
- Re: Interesting One Reece Arnott (Oct 30)
- Re: Interesting One Thomas Sjögren (Oct 30)
- RE: Interesting One Chris Chandler (Oct 31)
- RE: Interesting One Shayla Anthony (Oct 30)
- RE: Interesting One Dan Darden (Oct 30)
- Re: Interesting One Meritt James (Oct 31)
- R: Interesting One Alessandro Bottonelli (Oct 30)
- <Possible follow-ups>
- Re: Interesting One Joe Yong (Oct 29)
- RE: Interesting One Nero, Nick (Oct 29)
- Re: Interesting One Joe Barrett (Oct 30)
- RE: Interesting One maillist (Oct 30)
- Re: Interesting One Vlad (Oct 31)
- RE: Interesting One reading a 30x over-written drive Tim - IBL (Oct 30)
- RE: Interesting One Carl Grayson (Oct 30)
- Re: Interesting One Meritt James (Oct 30)
- Re: Interesting One John Orr (Oct 29)
(Thread continues...)
- RE: Interesting One Michael Cunningham (Oct 29)