Security Basics mailing list archives
RE: Interesting One
From: "John Orr" <JOrr () austinbank com>
Date: Wed, 30 Oct 2002 13:05:52 -0600
You are correct, and I was a bit hasty in my initial response. I suppose my general distrust for salesmen is showing! <grin!> I am no stranger to the world of physics, and Scanning Microscopy is certainly no exception. However, I *assumed* (my mistake) from the original post that the salesperson was talking about using software to do the recovery, not physical layer recovery. That is why I took such exception. Upon re-reading what David originally wrote, I realize that he did not specify a software solution. I apologize for my initial response and withdraw it. Regards. -John -------------------------------------- John Orr VP/CIO Austin Bank 903.759.3828 x2113 903.297.3094 fax jorr () austinbank com
<David () cawdgw net> 10/30/02 12:38PM >>>
John, actually, we beat this topic to death about a year ago. Your good knowledge of physics is misleading you. An extraordinary understanding of physics provides us with tools such as Magnetic Force Scanning Tunneling Microscopy which can recover data, with no theoretical limit of how many times the medium is overwritten. Actual limitations are caused by the sensitivity of the tools we can produce, rather than limitation of the technique itself. See the below link and read about it from someone with both the extraordinary understanding of physics plus the totally rare ability to explain it in terms the layman can understand. http://www.usenix.org/publications/library/proceedings/sec96/full_papers/gut mann/ Moderator, please don't let this thread devolve into an argument about when you need to melt the disk and when formatting or breaking it up is good enough. (We spent a week just on how small the pieces should be. Over 500 posts) D. Weiss CCNA/MCSE/SSP2 -----Original Message----- From: John Orr [mailto:JOrr () austinbank com] Sent: Tuesday, October 29, 2002 7:15 PM To: dadams () johncrowley co uk; security-basics () security-focus com Subject: Re: Interesting One Personally, I think he is full of... hot air. Bits are either "on" or "off", "1" or "0". If you change that pattern (i.e. write over the same data area with a different sequence of bits), then the previous state of that field would not be determinable. Granted, there may be some residual magnetic field left on a particular area that is now "0" that had been "1", but the converse would not be true. There would be no residual field to read on an area that is now "1" that had been "0". Sounds like sales fluff to me. Anyway, that is my opinion, based on years of experience and a good knowledge of physics. -John -------------------------------------- John Orr VP/CIO Austin Bank 903.759.3828 x2113 903.297.3094 fax jorr () austinbank com
"Dave Adams" <dadams () johncrowley co uk> 10/28/02 04:06PM >>>
Greetings Folks, I had an interesting conversation today with someone from FAST (Federation Against Software Theft) They pretend not to be a snitch wing of the BSA. Anyway, to get to the point, the guy that came to see me said that their forensics guys could read data off a hard drive that had been written over up to thirty times. I find this very hard to believe and told him I thought he was mistaken but the guy was adamant that it could be done. My question is, does anyone have any views on this, or, can anyone point me to a source of information where I can get the facts on exactly how much data can be retrieved off a hard drive and under what conditions etc etc. Thanks Dave Adams This message (and any associated files) is intended only for the use of the individual or entity to which it is addressed and may contain information that is confidential, subject to copyright or constitutes a trade secret. If you are not the intended recipient you are hereby notified that any dissemination, copying or distribution of this message, or files associated with this message, is strictly prohibited. If you have received this message in error, please notify us immediately by replying to the message and deleting it from your computer. Messages sent to and from John Crowley (Maidstone) Ltd may be monitored. Internet communications cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. Therefore, we do not accept responsibility for any errors or omissions that are present in this message, or any attachment, that have arisen as a result of e-mail transmission. If verification is required, please request a hard-copy version. Any views or opinions presented are solely those of the author and do not necessarily represent those of John Crowley (Maidstone) Ltd.
Current thread:
- RE: Interesting One, (continued)
- RE: Interesting One Tom Matthews (Oct 30)
- RE: Interesting One Paul Carroll (Oct 30)
- Basic Question only Christopher Rea (Oct 31)
- RE: Interesting One David (Oct 31)
- Re: Interesting One Jack Crone (Oct 30)
- RE: Interesting One Martijn Dunnebier (Oct 30)
- RE: Interesting One Trevor Cushen (Oct 30)
- RE: Interesting One Nero, Nick (Oct 30)
- RE: Interesting One Tim Donahue (Oct 30)
- Re: Interesting One Carlos . (Oct 30)
- RE: Interesting One John Orr (Oct 31)
- Interesting one Trevor Cushen (Oct 31)
- RE: Interesting One Trevor Cushen (Oct 31)