Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Advice regarding servers and Wiping Drives after testing

From: "Murda Mcloud" <murdamcloud () bigpond com>
Date: Wed, 12 Sep 2007 08:34:57 +1000
I'd agree with Ansgar here-the reason( I think) that people keep saying you
should do more than one pass is because of a theoretical paper written a
long time ago by Peter Gutmann. It didn't say it was possible to recover but
that (I think) it may one day be possible to recover data. Using an electron
tunneling microscope. Or Harry Potter. Datum recoveratorius! 
Which is why even DBAN has the 'Gutmann Method' of wiping-ie 35 passes but
why anyone would waste their processor time doing that is beyond me.

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of Ansgar -59cobalt- Wiechers
Sent: Wednesday, September 05, 2007 4:03 AM
To: security-basics () securityfocus com
Subject: Re: Advice regarding servers and Wiping Drives after testing

On 2007-09-01 gjgowey () tmo blackberry net wrote:

A since pass with all zero's really won't protect your data from being
recovered by more advanced data recovery software let alone alone
hardware.


I'd like to see a single case where someone was able to recover data
from an overwritten harddisk, even after a single pass with zeroes.


Multiple passes isn't much better, but if that's all you got...

You would be better off looking at better utilities if you really need
to keep the data from being recovered.


Nonsense. If you're worried about the zeroes just replace /dev/zero with
/dev/urandom. Your "better utilites" don't work any different from that.

Regards
Ansgar Wiechers
-- 
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq
Previous By Date Next
Previous By Thread Next

Current thread: