<<< Date Index >>>     <<< Thread Index >>>

Re: Peter Gutmann data deletion theaory?



The NSA disagree and have conducted laboratory tests.
I work for NYC as a unix admin (Solaris). We use the sun format purge to 
erase disks (that can be written to; drives that won't spin up or can't be 
written are another problem).

I guarantee that a sufficiently strong degausser will erase your 
data...along with the timing tracks and possibly burning out micromotors 
and ball bearings. Its a question of how many oersteds you need for the 
drive so that the magnetic field penetrates the housing (take out the 
platters and you have another situation entirely).

I don't have the site bookmarked at home but NIST or NSA have a site which 
reviews the degaussing equipment and other data erasure techniques.





On Wed, 20 Jul 2005, Jared Johnson wrote:

> All,
> 
> Do you all agree with Peter Gutman's conclusion on his theory that data can
> never really be erased, as noted in his quote below:
> 
> "Data overwritten once or twice may be recovered by subtracting what is
> expected to be read from a storage location from what is actually read. Data
> which is overwritten an arbitrarily large number of times can still be
> recovered provided that the new data isn't written to the same location as
> the original data (for magnetic media), or that the recovery attempt is
> carried out fairly soon after the new data was written (for RAM). For this
> reason it is effectively impossible to sanitise storage locations by simple
> overwriting them, no matter how many overwrite passes are made or what data
> patterns are written. However by using the relatively simple methods
> presented in this paper the task of an attacker can be made significantly
> more difficult, if not prohibitively expensive."
> 
> It seems that the perhaps the only real way to rid your Hard Drives of data
> is to burn them. 
> 
> I'd love to hear some thoughts on this from security and data experts out
> there.
> 
> 
> 
>