Security Basics mailing list archives
RE: Interesting One
From: "Trevor Cushen" <Trevor.Cushen () sysnet ie>
Date: Thu, 31 Oct 2002 11:48:40 -0000
I looked further at this DOD standard which was showing different numbers from various people (including myself) Here is an interesting article that discusses the DOD standard in the context of disk wiping software. Worth being aware of. http://www.darkstonedata.com/business/security8.html Trevor Cushen Sysnet Ltd www.sysnet.ie Tel: +353 1 2983000 Fax: +353 1 2960499 -----Original Message----- From: maillist [mailto:maillist () avoiderman com] Sent: 30 October 2002 06:45 To: security-basics () security-focus com Subject: RE: Interesting One I disagree with you both - the NSA standard for a drive that will be recycled is a nine-pass wipe ... involving pseudo-random data, 0s and 1s ... preferably in a non-predictable order ... Reading after thirty overwrites is just scare mongering. Depending on the media it might just be possible on some drives (where the heads have moved over time) ... but the kit to read from drives after just a couple of wipes is expensive, and usually just the provision of government types ... Avoiderman
-----Original Message----- From: Nero, Nick [mailto:Nick.Nero () disney com] Sent: 29 October 2002 17:30 To: Dave Adams; security-basics () security-focus com Subject: RE: Interesting One Well, the NSA standard I believe is that zero-filling a drive (writing
all 0's to the platter) will make the data impossible to recover, but I am sure there are some instances when this isn't the cause depending
on how retentive the media is and all that. If is electromagnetically
degaussed for an extended period of time, I can't imagine anything could recover the data. Nick Nero, CISSP -----Original Message----- From: Dave Adams [mailto:dadams () johncrowley co uk] Sent: Monday, October 28, 2002 5:06 PM To: security-basics () security-focus com Subject: Interesting One Greetings Folks, I had an interesting conversation today with someone from FAST (Federation Against Software Theft) They pretend not to be a snitch wing of the BSA. Anyway, to get to the point, the guy that came to see
me said that their forensics guys could read data off a hard drive that had been written over up to thirty times. I find this very hard to believe and told him I thought he was mistaken but the guy was adamant that it could be done. My question is, does anyone have any views on this, or, can anyone point me to a source of information where I can get the facts on exactly how much data can be retrieved off a hard drive and under what conditions etc etc. Thanks Dave Adams
************************************************************************************** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this message in error please notify SYSNET Ltd., at telephone no: +353-1-2983000 or postmaster () sysnet ie **************************************************************************************
Current thread:
- Basic Question only, (continued)
- Basic Question only Christopher Rea (Oct 31)
- RE: Interesting One David (Oct 31)
- Re: Interesting One Jack Crone (Oct 30)
- RE: Interesting One Martijn Dunnebier (Oct 30)
- RE: Interesting One Trevor Cushen (Oct 30)
- RE: Interesting One Nero, Nick (Oct 30)
- RE: Interesting One Tim Donahue (Oct 30)
- Re: Interesting One Carlos . (Oct 30)
- RE: Interesting One John Orr (Oct 31)
- Interesting one Trevor Cushen (Oct 31)
- RE: Interesting One Trevor Cushen (Oct 31)