Re: [Full-disclosure] Gutmann's research paper today



On Tue, 07 Feb 2006 15:44:37 +0100, gimeshell@xxxxxx said:

> Am I misunderstanding something or you can really say, if you're
> writing to a modern disk, forget all special scrubbing technologies,
> don't use Gutmann, don't use DoD 5220.22M or other pattern writing
> technologies, only a few passes of random scrubbing will do the job?

DoD 5220.22M only requires 3 passes and verify of each pass - all zeros, all
ones, and all "the same character" (for instance, 'AAAAAAA..' or similar).
That's good for sanitizing disks up to Secret. For anything higher, physical
destruction is mandated. A "few passes of random scrubbing" is probably
equivalent to 5220.22M for any realistic usage.

One place where "random scrubbing" falls down is the requirement to *verify*
that the blocks were written. If you wrote a disk full of zeros, it's a
trivial matter to read it back and verify that all the bytes are zeros. If you
wrote a whole disk of pseudo-random, then you have to regenerate the entire
pseudo-random data stream in order to compare it....

And yes, the verify step is important - I've had more than one disk drive that
was still perfectly readable, but suffered hardware damage to the write hardware.
Writing 3 passes of anything and failing to verify on such a disk would result
in a disclosure of the entire disk's contents. Yes Virginia, there *are* disk
drive failures that will report a successful write but not actually work... ;)


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
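
The verify problem raised in the reply above, as an added example that is not part of the original post: a pseudo-random pass can be verified by keeping only the seed and regenerating the stream for the read-back comparison. The function names, the SHAKE-256 generator, the block size and the temporary file standing in for a disk are all assumptions made for this sketch.

```python
import hashlib
import os
import tempfile

BLOCK = 4096  # bytes per I/O; constructed value for the demo

def keystream(seed, nblocks):
    """Deterministic pseudo-random blocks: SHAKE-256 over seed || block index."""
    for i in range(nblocks):
        yield hashlib.shake_256(seed + i.to_bytes(8, "big")).digest(BLOCK)

def write_pass(path, seed, nblocks):
    """Overwrite the target with the stream and force it out of OS buffers."""
    with open(path, "r+b") as f:
        for chunk in keystream(seed, nblocks):
            f.write(chunk)
        f.flush()
        os.fsync(f.fileno())

def verify_pass(path, seed, nblocks):
    """Regenerate the stream from the seed; return indices of mismatching blocks.
    On a real drive the read-back must bypass the page cache (e.g. O_DIRECT on
    Linux), otherwise it can return cached data instead of what was stored."""
    with open(path, "rb") as f:
        return [i for i, want in enumerate(keystream(seed, nblocks))
                if f.read(BLOCK) != want]

def demo():
    """Constructed scenario: an 8-block 'disk' image, wiped once cleanly and once
    with block 5 silently left untouched, as a drive with a failed write path would."""
    nblocks, seed = 8, os.urandom(32)  # only the seed is kept, not the stream
    old = b"SECRET--" * (BLOCK // 8)
    fd, path = tempfile.mkstemp()
    try:
        with os.fdopen(fd, "wb") as f:
            f.write(old * nblocks)
        write_pass(path, seed, nblocks)
        clean = verify_pass(path, seed, nblocks)
        with open(path, "r+b") as f:   # simulate the dropped write
            f.seek(5 * BLOCK)
            f.write(old)
        faulty = verify_pass(path, seed, nblocks)
        return clean, faulty
    finally:
        os.remove(path)

if __name__ == "__main__":
    print(demo())
```

A non-empty list from `verify_pass` means the pass cannot be trusted and the drive falls back to physical destruction.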
