Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Stealthier Internet access

From: Christian Sciberras <uuf6429 () gmail com>
Date: Tue, 25 May 2010 22:42:56 +0200
Valdis, you're wrong.
Give me another century and I'll prove it to you.


:-)

On Tue, May 25, 2010 at 10:08 PM, <Valdis.Kletnieks () vt edu> wrote:


On Wed, 26 May 2010 01:25:25 +0545, Bipin Gautam said:

Rest of article actually looks good at first glance, but this jumped out at
me:


-Software disk Wiping:
 Wipe KEY, header of your encrypted storage volume (first few mb, ref
specific manual) Ref using Peter Gutmann standard of data wipeing (35
wipes)
And wipe entire storage using U.S. DoD 5200.28-STD (7 wipes)


There is zero evidence that anybody is able to recover data after even a
single overwrite of /dev/zero on a disk drive made this century.  Even in
the MFM days, Gutmann's recovery technique was difficult - today's
densities
render it essentially impossible.  Even if it's possible, if your threat
model
includes the sort of organizations that could theoretically do it, maybe
you
should be considering thermite rather than software wipes.  Especially if
they're pounding on your door. ;)

I'm more than open to hear of any *confirmed* cases of data recovered after
even a single overwrite anytime after 1995.  To date, I have not seen one.
Prove me wrong, guys. ;)


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: