Security Basics mailing list archives
RE: Hard drives v. CF/Smart media/etc.
From: "Herman Frederick Ebeling, Jr." <hfebelingjr () lycos com>
Date: Wed, 19 Oct 2005 13:25:41 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ----Original Message---- From: FocusHacks [mailto:focushacks () gmail com] Sent: Wednesday, 19 October, 2005 12:06 To: hfebelingjr () lycos com Subject: Re: Hard drives v. CF/Smart media/etc. : NTFS is also identical to FAT as far as file recovery goes. The space : is marked as available, the filename is marked as deleted in the NTFS : file table, and that's that. : : I use Eraser 5.2 to completely eradicate files one at a time from a hard drive. : : After one over-write, file recovery tools are pretty much useless, so : tools like PGP Wipe, Eraser 5.2 et al, would more than do the trick to : keep the average Joe from getting the file(s) that you want to be : gone. : : Expensive data recovery gurus can use electron scanning microscopes to : analyze the surface of the disc and actually see previous data much in : the same way you can tell the past of a tree by looking at the rings : in the trunk. Some experts say that this technology has been : perfected so well that it's sometimes possible to access every bit of : information back to when the drive was freshly assembled. I don't : know how much truth there is to that claim, though. I do know that 10 : overwrites isn't enough for the ultra-paranoid. This also goes for : re-writeable optical or magneto-optical media. Traces of previous : contents can still exist after multiple erase and over-writes. Which is why I was surprised to see on CSI: NY that they NYC police had such a piece of equipment. : : Physical destruction is usually the best method. There are companies : that sell metal shredding machines that will reduce hard drives, : fist-fulls of DVD's and CD's, floppy diskettes and anything else you : can think of, into tiny shards of scrap. There's no data recovery : expert in the world that's prepared for that. Cool, and for those who can afford those shredding machines there's the ole Black & Decker drill, 10 oz ball peen hammer, and fire. . . : : Flash media is different than magnetic media. There are no residual : magnetic particles. Each bit is held in a binary state and that's : that. One overwrite, all gone, period. Simply erasing the file will : result in a recoverable situation, but a program that actually : overwrites the filespace or the whole drive will easily destroy : everything on the media. That's what I thought. : : If you have a very large capacity flash device, say a 4 gigabyte : compact flash card that you needed completely wiped in a hurry, you : could toss it into a microwave for 10-30 seconds. Sure, you would : never be able to use it again; however, at the same time all the data : would be completely decimated without any question. This is : borderline between physical and logical destruction. What if anything happens to the microwave? : : On 10/18/05, Herman Frederick Ebeling, Jr. <hfebelingjr () lycos com> wrote: :: :: -----BEGIN PGP SIGNED MESSAGE----- :: Hash: SHA1 :: :: - ----Original Message---- :: From: Raoul Armfield [mailto:armfield () amnh org] :: Sent: Tuesday, 18 October, 2005 14:09 :: To: hfebelingjr () lycos com :: Cc: security-basics () securityfocus com :: Subject: Re: Hard drives v. CF/Smart media/etc. :: ::: Herman Frederick Ebeling, Jr. wrote: :::: -----BEGIN PGP SIGNED MESSAGE----- :::: Hash: SHA1 :::: :::: Here's a good question that I don't think I've seen any articles on. As we :::: all know even though that just because a :::: file is "deleted" from a HD doesn't mean that the info is really "deleted" :::: as it can (depending on how badly someone :::: wants to) be recovered. Does the same hold true for CF/Smart media/etc. types of media? :::: ::: ::: Yes since they are for the most part using FAT or FAT32 as the file ::: system. So deleting a file still only marks the space as overwritable ::: not actually removing the data. :: :: Raoul, :: :: What if someone is using the NTFS file system? How many time would one have to :: overwrite the data before it became :: unrecoverable? Would say PGPs wipe function be more effective on flash media :: then on an actual HD/floppy disk? :: :: Herman :: :: -----BEGIN PGP SIGNATURE----- :: Version: PGP 8.0.3 :: :: iQA/AwUBQ1V0wh/i52nbE9vTEQKcqQCg93VFNucBSiViwFI3o8acmgb3XWAAoPLQ cLKbe0/jyjuCdDQGiZ8V3y2x :: =Kw4s :: -----END PGP SIGNATURE----- -----BEGIN PGP SIGNATURE----- Version: PGP 8.0.3 iQA/AwUBQ1Z8Nx/i52nbE9vTEQJtPQCgoz/5xEHU+0YLCy9lDMoGfMFt4ewAni2p 5rBvsUZ33DpIiVF5pnKUB1Kf =xGl5 -----END PGP SIGNATURE-----
Current thread:
- RE: Hard drives v. CF/Smart media/etc. Herman Frederick Ebeling, Jr. (Oct 21)
- Re: Hard drives v. CF/Smart media/etc. FocusHacks (Oct 21)
- RE: Hard drives v. CF/Smart media/etc. Herman Frederick Ebeling, Jr. (Oct 21)
- <Possible follow-ups>
- Re: Hard drives v. CF/Smart media/etc. FocusHacks (Oct 21)
- RE: Hard drives v. CF/Smart media/etc. Brian Loe (Oct 24)
- RE: Hard drives v. CF/Smart media/etc. Herman Frederick Ebeling, Jr. (Oct 24)
- Optical media destruction Was: Hard drives v. CF/Smart media/etc. Alexander Klimov (Oct 25)
- Re: Optical media destruction Was: Hard drives v. CF/Smart media/etc. Terence Summers (Oct 26)
- Re: Optical media destruction Was: Hard drives v. CF/Smart media/etc. Alloishus BeauMains (Oct 26)
- Re: Optical media destruction Was: Hard drives v. CF/Smart media/etc. Jeffrey F. Bloss (Oct 27)
- RE: Hard drives v. CF/Smart media/etc. Brian Loe (Oct 24)
- Re: Hard drives v. CF/Smart media/etc. FocusHacks (Oct 21)
- Re: Hard drives v. CF/Smart media/etc. Fred Cohen (Oct 25)