RE: Peter Gutmann data deletion theaory?

[<Glenn.Everhart () chase com>]

The relevant question one should ask is: how costly will it be (time, money)
to recover data?

If you have, for example, a modern tape and just zero it (write eofs at the
beginning), nearly every drive in the world will report blank tape errors if
you try to go past BOT, even if the tape store past there is physically untouched.

What's needed to decide how exposed erased data is would be instead how much
it might cost (and how many questions might be asked) to get someone with special
gear to attempt recovery? Possibly also it could make sense to ask how many
sites that could recover the data exist.

Merely writing zeroes (or anything else) once onto a disk sector means the
drive will as a general matter read what was written, not what used to be
there, regardless of the analogue magnetic state underlying. 

To judge whether that's enough to block an adversary, I need some idea how much
it'll cost to get the data back, and whether all recovery shops might ask embarrassing
questions about how someone came to have this disk, or make police reports or the like.

I don't believe I've seen any such information in this forum.

-----Original Message-----
From: Jared Johnson [mailto:jaredsjazz () Yahoo com]
Sent: Wednesday, July 20, 2005 7:49 PM
To: focus-ms () securityfocus com
Cc: bugtraq () securityfocus com
Subject: Peter Gutmann data deletion theaory?


All,

Do you all agree with Peter Gutman's conclusion on his theory that data can
never really be erased, as noted in his quote below:

"Data overwritten once or twice may be recovered by subtracting what is
expected to be read from a storage location from what is actually read. Data
which is overwritten an arbitrarily large number of times can still be
recovered provided that the new data isn't written to the same location as
the original data (for magnetic media), or that the recovery attempt is
carried out fairly soon after the new data was written (for RAM). For this
reason it is effectively impossible to sanitise storage locations by simple
overwriting them, no matter how many overwrite passes are made or what data
patterns are written. However by using the relatively simple methods
presented in this paper the task of an attacker can be made significantly
more difficult, if not prohibitively expensive."

It seems that the perhaps the only real way to rid your Hard Drives of data
is to burn them. 

I'd love to hear some thoughts on this from security and data experts out
there.





**********************************************************************
This transmission may contain information that is privileged, confidential and/or exempt from disclosure under 
applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, 
distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If 
you received this transmission in error, please immediately contact the sender and destroy the material in its 
entirety, whether in electronic or hard copy format. Thank you
**********************************************************************