Full Disclosure mailing list archives
Re: Stealthier Internet access
From: "Elazar Broad" <elazar () hushmail com>
Date: Wed, 26 May 2010 00:51:25 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Thermite will definitely do, checkout http://hackaday.com/2008/09/16/how-to-thermite-based-hard-drive- anti-forensic-destruction/ and of course a .50 APIT round will do as well: http://www.ranum.com/security/computer_security/editorials/diskcrypt /index.html. elazar On Tue, 25 May 2010 16:08:45 -0400 Valdis.Kletnieks () vt edu wrote:
On Wed, 26 May 2010 01:25:25 +0545, Bipin Gautam said: Rest of article actually looks good at first glance, but this jumped out at me:-Software disk Wiping: Wipe KEY, header of your encrypted storage volume (first fewmb, refspecific manual) Ref using Peter Gutmann standard of datawipeing (35wipes) And wipe entire storage using U.S. DoD 5200.28-STD (7 wipes)There is zero evidence that anybody is able to recover data after even a single overwrite of /dev/zero on a disk drive made this century. Even in the MFM days, Gutmann's recovery technique was difficult - today's densities render it essentially impossible. Even if it's possible, if your threat model includes the sort of organizations that could theoretically do it, maybe you should be considering thermite rather than software wipes. Especially if they're pounding on your door. ;) I'm more than open to hear of any *confirmed* cases of data recovered after even a single overwrite anytime after 1995. To date, I have not seen one. Prove me wrong, guys. ;)
-----BEGIN PGP SIGNATURE----- Charset: UTF8 Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 3.0 wpwEAQECAAYFAkv8qM0ACgkQi04xwClgpZhNWgP+Jg91G1IJm5+L64QZSiKfQA7pllvt SU9eYGPfbSB3hav5FWio4R0OSl1ivSox5X3FSgQRxYup6+BqZD3PtmeD38CykutOPAdy /5CG8L+RpoetFKXx4guT3hAGQO/arMfnbgD9wKY6cPxX7hXEtViciU8pvyHgXLIVYyEE 0dmsm5c= =pSkX -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Stealthier Internet access, (continued)
- Re: Stealthier Internet access Christian Sciberras (May 25)
- Re: Stealthier Internet access Christian Sciberras (May 25)
- Re: Stealthier Internet access Bipin Gautam (May 25)
- Re: Stealthier Internet access Valdis . Kletnieks (May 25)
- Re: Stealthier Internet access BMF (May 25)
- Re: Stealthier Internet access Marsh Ray (May 25)
- Re: Stealthier Internet access Bipin Gautam (May 25)
- Re: Stealthier Internet access Valdis . Kletnieks (May 25)
- Re: Stealthier Internet access T Biehn (May 31)
- Re: Stealthier Internet access Christian Sciberras (May 25)