Get your fill of sci-fi, science, and mockery of stupid ideas
http://stardestroyer.dyndns-home.com/
http://stardestroyer.dyndns-home.com/viewtopic.php?f=24&t=79558
Get the CD ISO and burn it to a cd.brothersinarm wrote:my laptop doesn't have a floppy
Perhaps, depends on the size of the drive, but if it has run for 10h it would take a herularian effort to restore the data.brothersinarm wrote:oh wait a cd version. Ok good I can use this. How fast does this program wipe? Do you think it can be done in under 10 hours?
Kewl, I can use this...
I was told that would not be secure.Couldn't you just reformat the drive?
Even if that overwrites every sector of the HD with zeros (and then rewrites the other stuff like the file table, etc.) all that data can be recovered. DOD standards usually require that each bit be rewritten randomly seven times.Rogue 9 wrote:Couldn't you just reformat the drive?
Latent magnetic signatures, if I recall correctly.Ace Pace wrote:If its all 0s, how can it be recovered?
I thought it was 10 rewrites required for less sensitive data. For the really sensitive stuff I've heard they go after the disk platters with a sander and/or melt the platters down.phongn wrote:Even if that overwrites every sector of the HD with zeros (and then rewrites the other stuff like the file table, etc.) all that data can be recovered. DOD standards usually require that each bit be rewritten randomly seven times.Rogue 9 wrote:Couldn't you just reformat the drive?
I'm not so sure. The following was written by a guy who works for Australian law enforcement doing data recovery.phongn wrote:Even if that overwrites every sector of the HD with zeros (and then rewrites the other stuff like the file table, etc.) all that data can be recovered. DOD standards usually require that each bit be rewritten randomly seven times.Rogue 9 wrote:Couldn't you just reformat the drive?
And indeed, Gutmann has apparently appended an epilogue to his paper:Now, there are some people out there who claim that data can be recovered even from a mid-level format.
A popular paper on this topic is written by Gutmann, and can be found here:
http://www.cs.auckland.ac.nz/~pgut001/p ... e_del.html
This document has been examined and a rather good rebuttal on it can be found here:
http://www.nber.org/sys-admin/overwritt ... ttman.html
I am of the opinion that the arguments put forward by the gentleman in the rebuttal document are accurate. I have yet to locate anyone on the planet who is capable of recovering useful data that has been overwritten. Having said that, there are a number of people in the field who have successfully recovered overwritten data under certain limiting conditions.
Firstly, the person has to know the nature of the data to begin with. I must admit that I'm not certain as to what extent this familiarity must be, but it sounds to me like you must know what the data is in order to make a determination on what it should be when recovered.
Secondly, the process is very slow - of the order of around 1 kilobyte per hour. Work out how long that would take for you to recover all your mp3 files off a 120GB drive.
Finally, this process is only capable of being performed on low-density drives, such as the MFM encoded drives mentioned earlier.
These issues mean that the recovery of overwritten data is impossible in the real world.
Now some of you are asking "if you can't recover data that has been overwritten just once, why do companies sell software that does multiple overwrites?"
I have an opinion on this, but I can't back it up with any facts. Here it is anyway:
Company A brings out DataDeathstar, a program that will eradicate your rebel files by overwriting them once. This is all you need.
Company B makes a similar product, perhaps without such a copyright-infringing name, but in order to sound better than Company A, they claim they can do multi-pass overwrites. Perhaps they back this decision up with the Gutmann article mentioned earlier.
Now if the cost is the same, Joe User will choose the program with more features - the version that does multi-pass overwrites.
This then precipitates an escalation in the number of wipes any package will perform, to make them sound better than their competitors. Eventually we end up with the Department of Defense 35-pass "standard", or the Bilbo-level Eleventy-billion Insano-wipe.
So why does the Department of Defense specify that huge multi-pass overwrite if one is enough? Once again I can only theorise, as I don't know anyone in that industry who could speak about this topic. Here goes:
Decisions are made by people far above the technical guys on the ground. That is, management types with no techie knowhow. I'm not berating this issue, as it is the same the world over.
At the weekly meeting, one of the subordinate guys points out he read a report from Gutmann about recovering data. It may have mentioned the MFM-issue but that's all techie-speak. The boss decides that he'd rather not risk his career on an issue he can't understand and doesn't have the resources to examine in any depth.
To be safe, he makes sure the standard is some huge amount of overkill, so he can never be determined to be a traitor by allowing data to get into the wrong hands.
This all seems fairly reasonable to me - everyone errs on the side of caution in a field they don't understand.
Also, the military has had loads of data on old MFM technology in their time, and recovery MAY be possible on this gear. Why make multiple standards for different types of drives when your staff may not be able to tell the difference between them?
They also have plenty of manpower, and would be quite happy letting some guys spend their days just wiping data, whether it's a waste of time or not.
Just remember one thing - one overwrite pass is enough to stop anyone recovering your data. If anyone tells you otherwise, tell them to put up or shut up. It's quite simple to get a floppy disk (or hard disk if they prefer), put some files on it and then wipe them so that they can be recovered with some magical system this person says exists. Make it easy for them and tell them what the file types are if you like - it won't help.
In the time since this paper was published, some people have treated the 35-pass overwrite technique described in it more as a kind of voodoo incantation to banish evil spirits than the result of a technical analysis of drive encoding techniques. As a result, they advocate applying the voodoo to PRML and EPRML drives even though it will have no more effect than a simple scrubbing with random data. In fact performing the full 35-pass overwrite is pointless for any drive since it targets a blend of scenarios involving all types of (normally-used) encoding technology, which covers everything back to 30+-year-old MFM methods (if you don't understand that statement, re-read the paper). If you're using a drive which uses encoding technology X, you only need to perform the passes specific to X, and you never need to perform all 35 passes. For any modern PRML/EPRML drive, a few passes of random scrubbing is the best you can do. As the paper says, "A good scrubbing with random data will do about as well as can be expected". This was true in 1996, and is still true now.
Looking at this from the other point of view, with the ever-increasing data density on disk platters and a corresponding reduction in feature size and use of exotic techniques to record data on the medium, it's unlikely that anything can be recovered from any recent drive except perhaps one or two levels via basic error-cancelling techniques. In particular the the drives in use at the time that this paper was originally written have mostly fallen out of use, so the methods that applied specifically to the older, lower-density technology don't apply any more. Conversely, with modern high-density drives, even if you've got 10KB of sensitive data on a drive and can't erase it with 100% certainty, the chances of an adversary being able to find the erased traces of that 10KB in 80GB of other erased traces are close to zero.