Bugtraq mailing list archives
RE: Peter Gutmann data deletion theaory?
From: "Jared Johnson" <jaredsjazz () Yahoo com>
Date: Thu, 21 Jul 2005 19:37:09 -0400
Interesting. Well it all makes sense. I'm trying to setup a routine for our corporation to regularly wipe our old hard drives before dumping and donating them. It's fairly sensitive data in that if our competitors got a hold of it, it would probably put us out of business. Seems that just the simple DoD standard should suffice though. Thanks for all your responses. -----Original Message----- From: Simple Nomad [mailto:thegnome () nmrc org] Sent: Thursday, July 21, 2005 3:07 PM To: bugtraq () securityfocus com Cc: Jared Johnson; focus-ms () securityfocus com Subject: Re: Peter Gutmann data deletion theaory? On Wednesday 20 July 2005 18:48, Jared Johnson wrote:
Data overwritten once or twice
<snip> The quote is from 1996. I spoke with Guttman about this at AusCERT a few years ago and even *he* doesn't believe it anymore. Drive technology has changed substantially since then. The main areas where criminals get caught with bad stuff on their drives by forensics people is from 1) not knowing where the data is being written to (browser cache, swap file, etc) 2) not doing any overwrite of the data as a part of deletion, and 3) not taking into consideration such items as file slack. Drives that do caching and file systems that do journaling also may be a factor. That being said, 3 wipes are "good enough for government work". DoD 5220.22-M chapter 8 subsection 306 in the Cleaing and Sanitization Matrix shows under the Magentic Disk section that to properly sanitize a non-removable rigid drive, that the choices of degaussing, destruction of the drive, or a 3 pass wipe are acceptible methods for disk sanitation. Note that the 3 pass wipe method is NOT acceptable for drives that contained Top Secret information - so unless the drive contained Top Secret material, you're covered. It should be noted that this issue has been done to death on bugtraq several times. -- # Simple Nomad, C²ISSP -- thegnome () nmrc org # # C1B1 E749 25DF 867C 36D4 1E14 247A A4BD 6838 F11D # # http://www.nmrc.org/~thegnome/ #
Current thread:
- RE: Peter Gutmann data deletion theaory?, (continued)
- RE: Peter Gutmann data deletion theaory? Barbara Lockwood (Jul 21)
- RE: Peter Gutmann data deletion theaory? Tiago Halm (Jul 22)
- Re: Peter Gutmann data deletion theaory? Jay D. Dyson (Jul 21)
- Re: Peter Gutmann data deletion theaory? Thor (Hammer of God) (Jul 22)
- Re: Peter Gutmann data deletion theaory? Simple Nomad (Jul 21)
- Re: Peter Gutmann data deletion theaory? Volker Tanger (Jul 22)
- Re: Peter Gutmann data deletion theaory? Alexander L. Ivanchev (Jul 27)
- Re: Peter Gutmann data deletion theaory? Casper . Dik (Jul 27)
- Re: Peter Gutmann data deletion theaory? Vincent DUVERNET (Nolmë Informatique) (Jul 22)
- Re: Peter Gutmann data deletion theaory? Jake Appelbaum (Jul 27)
- RE: Peter Gutmann data deletion theaory? Jared Johnson (Jul 22)
- Re: Peter Gutmann data deletion theaory? Volker Tanger (Jul 22)
- RE: Peter Gutmann data deletion theaory? D. Weiss (Jul 22)
- Re: Peter Gutmann data deletion theaory? Dana Hudes (Jul 22)
- Re: [BugTraq] Peter Gutmann data deletion theaory? Robin Whittle (Jul 22)
- Re: [BugTraq] Peter Gutmann data deletion theaory? Volker Kuhlmann (Jul 27)
- RE: Peter Gutmann data deletion theaory? dave kleiman (Jul 27)
- RE: Peter Gutmann data deletion theaory? Jeremy Epstein (Jul 21)
- RE: Peter Gutmann data deletion theaory? Glenn.Everhart (Jul 21)
- Re: RE: Peter Gutmann data deletion theaory? underwood-de (Jul 22)
- Re: RE: Peter Gutmann data deletion theaory? Ron van Daal (Jul 27)
- Re: RE: Peter Gutmann data deletion theaory? Simple Nomad (Jul 28)
- Re: RE: Peter Gutmann data deletion theaory? Ron van Daal (Jul 27)
(Thread continues...)
- RE: Peter Gutmann data deletion theaory? Barbara Lockwood (Jul 21)