Security Basics mailing list archives
Re: FW: Advice regarding servers and Wiping Drives after testing
From: "kevin fielder" <kevin.fielder () gmail com>
Date: Wed, 12 Sep 2007 15:34:44 +0100
Might already have been linked to, but here is an article briefly analysing the paper written by Peter Gutmann, also links to his paper as well: http://www.nber.org/sys-admin/overwritten-data-guttman.html Having also recently used a reputable recovery company to recover a failed drive, I can confirm that these companies don't claim to be able to get data back that has been overwritten... I guess this is one of those areas where people like Mi6 / the NSA etc may have access to more advanced tools, or it may all just be conspiracy theories..! Cheers K -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Murda Mcloud Sent: 11 September 2007 23:35 To: security-basics () securityfocus com Subject: RE: Advice regarding servers and Wiping Drives after testing I'd agree with Ansgar here-the reason( I think) that people keep saying you should do more than one pass is because of a theoretical paper written a long time ago by Peter Gutmann. It didn't say it was possible to recover but that (I think) it may one day be possible to recover data. Using an electron tunneling microscope. Or Harry Potter. Datum recoveratorius! Which is why even DBAN has the 'Gutmann Method' of wiping-ie 35 passes but why anyone would waste their processor time doing that is beyond me. -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Ansgar -59cobalt- Wiechers Sent: Wednesday, September 05, 2007 4:03 AM To: security-basics () securityfocus com Subject: Re: Advice regarding servers and Wiping Drives after testing On 2007-09-01 gjgowey () tmo blackberry net wrote:A since pass with all zero's really won't protect your data from being recovered by more advanced data recovery software let alone alone hardware.I'd like to see a single case where someone was able to recover data from an overwritten harddisk, even after a single pass with zeroes.Multiple passes isn't much better, but if that's all you got... You would be better off looking at better utilities if you really need to keep the data from being recovered.Nonsense. If you're worried about the zeroes just replace /dev/zero with /dev/urandom. Your "better utilites" don't work any different from that. Regards Ansgar Wiechers -- "All vulnerabilities deserve a public fear period prior to patches becoming available." --Jason Coombs on Bugtraq
Current thread:
- Re: Advice regarding servers and Wiping Drives after testing, (continued)
- Re: Advice regarding servers and Wiping Drives after testing Steve Olive (Sep 13)
- Re: Advice regarding servers and Wiping Drives after testing Ansgar -59cobalt- Wiechers (Sep 13)
- RE: Advice regarding servers and Wiping Drives after testing dave kleiman (Sep 13)
- Re: Advice regarding servers and Wiping Drives after testing Kelly Keeton (Sep 13)
- Re: Advice regarding servers and Wiping Drives after testing Robert Inder (Sep 12)
- Re: Advice regarding servers and Wiping Drives after testing Melissa (Sep 12)