Re: HD memory wiper/shredder

[Adam K <adamk1 () gmail com>]

Is there any guarentee from the PC makers that the data will be
destroyed ?  As at the end of the day if they misplace a drive with
your sensitive data, it is your reputation that will stand to be
deteriorated.

later,
Adam

On 4/28/05, Nostrom, Michael <nostrom () binghamton edu> wrote:
>  Just to drag the thread on a little longer I read this bite in my
> recent SANS email, thought it would be interesting reading for those
> interested.
> -Mike-
>
> --Rendering Drives Completely Unreadable Can be Difficult
> (20 April 2005)
> The National Association for Information Destruction has said it cannot
> endorse the use of wiping applications alone for ensuring that data have
> been effectively removed from hard drives.  NAID executive director Bob
> Johnson said the only way to ensure that the data will be unreadable is
> to physically destroy the drives, and even that has to be done in
> certain ways to ensure its efficacy.  Most major PC makers offer a drive
> destruction service for $20 or $30.  Some hardware engineers say they
> understand why the drives have been created in a way that makes it hard
> to completely erase the data: customers demanded it because they were
> afraid of losing information they had stored on their drives.
> http://news.com.com/2102-1029_3-5676995.html?tag=st.util.print
> [Editor's Note (Pescatore): Cool, I want a "National Association for
> Information Destruction" tee shirt. How hard could it be to have an
> interlock feature - you can really, really clear the drive if you open
> the case, hold this button down while you delete?
> (Ranum): Peter Guttman, from New Zealand, did a terrific talk in 1997
> at USENIX in which he showed electromicrographs of hard disk surfaces
> that had been "wiped" - you could still clearly see the 1s and 0s where
> the heads failed to line up perfectly on the track during the
> write/erase sequence. He also pointed out that you can tell more
> recently written data from less recently written data by the field
> strength in the area, which would actually make it much easier to tell
> what had been "wiped" versus what was persistent long-term store. The
> paper, minus the cool photos may be found at:
> http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html
> Hard disks, I've found, make satisfying small arms targets.]
>
>
> -----Original Message-----
> From: Kinnell [mailto:kinnell.t () gmail com]
> Sent: Wednesday, April 27, 2005 12:28 PM
> To: nc () phat co nz
> Cc: security-basics () securityfocus com
> Subject: Re: HD memory wiper/shredder
>
> This was more than helpful.  Thank you all very much, and I'm sure
> we've all found out about quite a few we didn't know about before.
>
> thanks,
> Kinnell
>
> >  -----Original Message-----
> >  From: Kinnell [mailto:kinnell.t () gmail com]
> >  Sent: Monday, April 25, 2005 2:06 PM
> >  To: security-basics () securityfocus com
> >  Subject: HD memory wiper/shredder
> >  Hey all.
> >
> >  I recently had a friend ask me if I knew of any real good file
> >  shredders/wipers.  He wants to be able to securely shred a file used
> >  for an encryption key after it is no longer needed at that location.
> >  I couldn't think of any off of the top of my head but I figured this
> >  list would be a great place to start.  So does anyone know of a good
> >  shredder to use for this purpose?  Freeware would be preferred.
> >
> >  thanks,
> >  Kinnell