RE: Interesting One

[<David () cawdgw net>]

John, actually, we beat this topic to death about a year ago. Your good
knowledge of physics is misleading you. An extraordinary understanding of
physics provides us with tools such as Magnetic Force Scanning Tunneling
Microscopy which can recover data, with no theoretical limit of how many
times the medium is overwritten. Actual limitations are caused by the
sensitivity of the tools we can produce, rather than limitation of the
technique itself.

See the below link and read about it from someone with both the
extraordinary understanding of physics plus the totally rare ability to
explain it in terms the layman can understand.

http://www.usenix.org/publications/library/proceedings/sec96/full_papers/gut
mann/

Moderator, please don't let this thread devolve into an argument about when
you need to melt the disk and when formatting or breaking it up is good
enough. (We spent a week just on how small the pieces should be. Over 500
posts)

D. Weiss
CCNA/MCSE/SSP2



-----Original Message-----
From: John Orr [mailto:JOrr () austinbank com]
Sent: Tuesday, October 29, 2002 7:15 PM
To: dadams () johncrowley co uk; security-basics () security-focus com
Subject: Re: Interesting One


  Personally, I think he is full of... hot air.

  Bits are either "on" or "off", "1" or "0".  If you change that pattern
(i.e. write over the same data area with a different sequence of bits), then
the previous state of that field would not be determinable.  Granted, there
may be some residual magnetic field left on a particular area that is now
"0" that had been "1", but the converse would not be true.  There would be
no residual field to read on an area that is now "1" that had been "0".

  Sounds like sales fluff to me.

  Anyway, that is my opinion, based on years of experience and a good
knowledge of physics.

-John

--------------------------------------
John Orr
VP/CIO
Austin Bank
903.759.3828 x2113
903.297.3094 fax
jorr () austinbank com

> > > "Dave Adams" <dadams () johncrowley co uk> 10/28/02 04:06PM >>>
Greetings Folks,

I had an interesting conversation today with someone from FAST
(Federation
Against Software Theft) They pretend not to be a snitch wing of the BSA.
Anyway, to get to the point, the guy that came to see me said that their
forensics guys could read data off a hard drive that had been written
over
up to thirty times. I find this very hard to believe and told him I
thought
he was mistaken but the guy was adamant that it could be done. My
question
is, does anyone have any views on this, or, can anyone point me to a
source
of information where I can get the facts on exactly how much data can be
retrieved off a hard drive and under what conditions etc etc.

Thanks

Dave Adams



This message (and any associated files) is intended only for the
use of the individual or entity to which it is addressed and may
contain information that is confidential, subject to copyright or
constitutes a trade secret. If you are not the intended recipient
you are hereby notified that any dissemination, copying or
distribution of this message, or files associated with this message,
is strictly prohibited. If you have received this message in error,
please notify us immediately by replying to the message and deleting
it from your computer. Messages sent to and from
John Crowley (Maidstone) Ltd may be monitored.

Internet communications cannot be guaranteed to be secure or error-free
as information could be intercepted, corrupted, lost, destroyed, arrive
late or incomplete, or contain viruses. Therefore, we do not accept
responsibility for any errors or omissions that are present in this
message, or any attachment, that have arisen as a result of e-mail
transmission. If verification is required, please request a hard-copy
version. Any views or opinions presented are solely those of the author
and do not necessarily represent those of John Crowley (Maidstone) Ltd.