Re: RE: Peter Gutmann data deletion theaory?
On Sat, 23 Jul 2005, Ron van Daal wrote:
We were not allowed to do a seven pass government wipe to dispose of the
drives as our security people deemed it inadequate, we turned them over to
our classified waste people who stored them until there were enough to
justify having the platters removed and mechanicaly beaten into little
lumps of metal.
There is no 7 pass government wipe. It is a 3 pass wipe. It is referred to
as a 7 pass wipe because an app that did a 7 pass wipe passed govt muster
and was purchased. Odds are that if it had done it in 3 wipes it would
have still passed. If a vendor is saying "we do a 7 pass govt wipe" ask
them if one of those passes involves *verifiying* the writing of random
data, and if one of the passes in the inversion of another wipe (i.e. a
wipe with 0x0f and a wipe with 0xf0) to the drive. If not, it won't pass
that "government standard" I referred to in another post a few days ago.
Aren't you being too paranoid? I think a simple zeroing out of your entire
drive using dd(1) starting with the first sector is enough to cover your
privacy. I don't know about other ""secret"" government agencies in NL or
other counties who actually do microscopic magnetic recovery efforts, but
dd(1) does the trick to defeat disk analysis by our national digital crime
unit. From what I've read in one of their internal memo's is that they just
use a hexdump(1) alike utility to find any non-zero bytes on the drive to
conclude "the drive has been wiped entirely".
I basically agree with this. If any government can recover data via some
ninja electron microscope fu, odds are it is a state secret and they
wouldn't reveal they got your data nor reveal it in court (then it
wouldn't be a state secret anymore...) so it truly is a moot point, unless
the recovered data makes you an enemy combatant or something. Again, we
really have covered this topic several times here.
-SN, fairly drunk in Vegas so hopefully this made sense....