RE: Suggestions on free XP hard drive wiping utilities?

["Craig Searle" <craig.searle () sift com au>]

Actually this is an urban myth....DOD standards indicate that 4 passes in
generally enough to render most data unrecoverable to most forensic analysis
tools.

You may also want to read a paper by Peter Gutmann, a Auckland University
Professor and IT Security Expert.
His website is http://www.cs.auckland.ac.nz/~pgut001/

Pardon me if I'm wrong, but wasn't this discussed on this mailing list
recently??

Craig Searle
SIFT Pty Ltd
www.sift.com.au

P (02) 9236 7276
F (02) 9236 7271
M 0402 914 077
E craig.searle () sift com au

Level 67, MLC Centre,
Martin Place, Sydney NSW 2000

[ABN 42 094 359 743]

This correspondence is for the named person's use only. It may contain
confidential or legally privileged information or both. No confidentiality
or privilege is waived or lost by any mistransmission. If you receive this
correspondence in error, please immediately delete it from your system and
notify the sender. You must not disclose, copy or rely on any part of this
correspondence if you are not the intended recipient. Any opinions expressed
in this message are those of the individual sender, except where the sender
expressly, and with authority, states them to be the opinions of SIFT Pty
Ltd.



-----Original Message-----
From: Patrick Debois [mailto:Patrick.Debois () sos be] 
Sent: Thursday, 13 February 2003 04:50 AM
To: security-basics () securityfocus com
Subject: RE: Suggestions on free XP hard drive wiping utilities?


I've heard on a radio show there was a study that the number of erases
should be 13 (based on the material of the drive). Nothing to recover only
with computers but rather with microscopes.

If anyone knows a pointer to that research....

On Wed, 12 Feb 2003, David Verty wrote:

> Date: Wed, 12 Feb 2003 03:10:58 +0000
> From: David Verty <verticalrave () hotmail com>
> To: security-basics () securityfocus com
> Subject: RE: Suggestions on free XP hard drive wiping utilities?
>
> There is a whole thread on ExtremeTech about this I believe...and it 
> stretches on for a long run. You might find some useful information 
> there, like DoD (Department of Defense) standards, and software that 
> exceeds it for deletation of files.
>
> What the government does right now to permanently get rid of data is 
> shred the disk in a metal shredder.
>
> Are there any programs for secure deletation? Never heard of any 
> really that were extremely good.
>
> And i've heard of hard disks storing everything in so called 'layers' 
> (you have to rewrite your disk three or four times+ with phony data to 
> truly get rid of everything.) but the edge thing is something i've 
> never heard about. Interesting. Somebody on ExtremeTech also mentioned 
> that since the signals are theoretically magnetic, its possible to 
> extract the strength of the previous magnetic signal (though weak) and 
> rebuild the data from there. Whatever validity that has i'm not so 
> sure.
>
>
>
>
>
> > From: "MacFerrin, Ken" <Ken_MacFerrin () csgsystems com>
> > To: <security-basics () securityfocus com>
> > Subject: RE: Suggestions on free XP hard drive wiping utilities?
> > Date: Tue, 11 Feb 2003 11:20:16 -0600
> >
> > There are dozens of tools that will "clean" your hard drive by 
> > overwriting your data in various patterns and such and most any of 
> > those will give you "decent" security, but.. none of those are going 
> > to make the data irretrievable to someone with the right equipment.
> >
> > I'm no expert but the basics of being able to retrieve data stem from 
> > the fact that when the HDD head overwrites the data it's never able 
> > to perfectly write along the same track that it did when writing the 
> > original data.  This leaves an "edge" of data that wasn't quite 
> > overwritten and that "edge" is enough for someone with a basic setup 
> > (about 1500 USD) of specific equipment to go back and pull the 
> > original 1's and 0's off the disk..  The only way to truly "clean" 
> > the disk is using equipment specifically designed to drive the head 
> > at a higher voltage to create a wider write track and re-write random 
> > patterns many times.  From what I understand though even these 
> > re-writes will leave some residue that could be picked up by some 
> > high-end gear and a skilled operator.
> >
> > Essentially, if the data was really that sensitive, you need to 
> > physically destroy the disk.. -Ken
> >
> > -----Original Message-----
> > From: Joris De Donder [mailto:joris () digitaldefense be]
> > Sent: Tuesday, February 11, 2003 6:21 AM
> > To: 'security-basics () securityfocus com'
> > Cc: Champion, Steve
> > Subject: Suggestions on free XP hard drive wiping utilities?
> >
> >
> >
> > > Would someone please throw out a URL and suggestions for free 
> > > Windows
> > XP,
> > > hard drive wiping utility's?
> >
> > http://www.tolvanen.com/eraser/
> >
> > quote:
> >   "Eraser is a secure data removal tool, which allows you to remove
> >    sensitive data from your hard drive by overwriting it with carefully
> >    selected patterns.
> >
> >    The program is free software, which means that everyone has
> >    access to the source code,..."
> >
> >
> >
> >
> >
> > Joris De Donder
>
>
> _________________________________________________________________
> MSN 8 with e-mail virus protection service: 2 months FREE* 
> http://join.msn.com/?page=features/virus