Bugtraq mailing list archives

Re: RE: Peter Gutmann data deletion theory?


From: Ron van Daal <ronvdaal () n1x nl>
Date: Sat, 23 Jul 2005 22:47:13 +0200 (CEST)

We were not allowed to do a seven pass government wipe to dispose of the drives as our security people deemed it
inadequate; we turned them over to our classified waste people who stored them until there were enough to justify
having the platters removed and mechanically beaten into little lumps of metal.

Aren't you being too paranoid? I think a simple zeroing out of your entire drive using dd(1), starting with the first sector, is enough to cover your privacy. I don't know about other "secret" government agencies in NL or other countries who actually do microscopic magnetic recovery efforts, but dd(1) does the trick to defeat disk analysis by our national digital crime unit. From what I've read in one of their internal memos, they just use a hexdump(1)-like utility to find any non-zero bytes on the drive to conclude "the drive has been wiped entirely".

As far as I know, our National Forensics Institute will not go any further.
To be more precise: most disk analyses are being done automatically rather
than by hand (which is even more the case with the digital crime unit).

For this they use registry-catalogs, browser cache/cookie/history inventory
programs, raw disk searching on strings, and the like. Which is pretty
logical, as disk sizes are rapidly increasing, making the analysers' job
pretty difficult because of the ever-increasing haystack, while data hiding
techniques continue to develop, making the needle even harder to find.

Grt,

Ron van Daal
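
The non-zero-byte check mentioned in the message above, sketched as an added example (not part of the original post and not any agency's tool): it scans an image or device in chunks and reports which sector ranges still hold data after a zeroing pass. The 512-byte sector size, the function names and the sample image are assumptions made for illustration.

```python
import io

SECTOR = 512             # assumed logical sector size
CHUNK = 1024 * SECTOR    # read 512 KiB per call


def residual_ranges(stream, sector=SECTOR, chunk=CHUNK):
    """Return [(first_sector, last_sector), ...] for sectors with any non-zero byte."""
    ranges, base = [], 0
    zero = bytes(sector)
    while True:
        buf = stream.read(chunk)
        if not buf:
            break
        if buf.count(0) != len(buf):          # skip fully zeroed chunks quickly
            for off in range(0, len(buf), sector):
                block = buf[off:off + sector]
                if block == zero[:len(block)]:
                    continue
                n = base + off // sector
                if ranges and ranges[-1][1] == n - 1:
                    ranges[-1] = (ranges[-1][0], n)   # extend a contiguous run
                else:
                    ranges.append((n, n))
        base += len(buf) // sector
    return ranges


def constructed_image(sectors=4096):
    """Constructed sample: a zeroed image with residue a partial wipe could leave."""
    img = bytearray(sectors * SECTOR)
    img[510:512] = b"\x55\xaa"                               # boot signature, sector 0
    img[2048 * SECTOR:2048 * SECTOR + 600] = b"secret " * 85 + b"note."  # spans 2 sectors
    return img


if __name__ == "__main__":
    # For a real check, open the device or image read-only instead,
    # e.g. open(path, "rb"), where path is the disk image to verify.
    for first, last in residual_ranges(io.BytesIO(constructed_image())):
        print(f"non-zero data in sectors {first}-{last}")
```

An empty result only says that every sector read back as zero through the normal interface, which is the level of check the message describes.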

