Peter Gutmann data deletion theaory?

• Previous message: Michael Stone: "[SECURITY] [DSA 763-1] New zlib packages fix buffer overflow"
• Next in thread: Jay D. Dyson: "Re: Peter Gutmann data deletion theaory?"
• Reply: Jay D. Dyson: "Re: Peter Gutmann data deletion theaory?"
• Maybe reply: Jeremy Epstein: "RE: Peter Gutmann data deletion theaory?"
• Maybe reply: Glenn.Everhart_at_chase.com: "RE: Peter Gutmann data deletion theaory?"
• Reply: Barbara Lockwood: "RE: Peter Gutmann data deletion theaory?"
• Reply: Simple Nomad: "Re: Peter Gutmann data deletion theaory?"
• Reply: D. Weiss: "RE: Peter Gutmann data deletion theaory?"
• Reply: Dana Hudes: "Re: Peter Gutmann data deletion theaory?"
• Maybe reply: Earnhart, Benjamin J: "RE: Peter Gutmann data deletion theaory?"
• Reply: Robin Whittle: "Re: [BugTraq] Peter Gutmann data deletion theaory?"
• Maybe reply: Robert Thompson Jr.: "RE: Peter Gutmann data deletion theaory?"
• Reply: dave kleiman: "RE: Peter Gutmann data deletion theaory?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: <focus-ms@securityfocus.com>
Date: Wed, 20 Jul 2005 19:48:44 -0400

All,

Do you all agree with Peter Gutman's conclusion on his theory that data can
never really be erased, as noted in his quote below:

"Data overwritten once or twice may be recovered by subtracting what is
expected to be read from a storage location from what is actually read. Data
which is overwritten an arbitrarily large number of times can still be
recovered provided that the new data isn't written to the same location as
the original data (for magnetic media), or that the recovery attempt is
carried out fairly soon after the new data was written (for RAM). For this
reason it is effectively impossible to sanitise storage locations by simple
overwriting them, no matter how many overwrite passes are made or what data
patterns are written. However by using the relatively simple methods
presented in this paper the task of an attacker can be made significantly
more difficult, if not prohibitively expensive."

It seems that the perhaps the only real way to rid your Hard Drives of data
is to burn them.

I'd love to hear some thoughts on this from security and data experts out
there.

• Previous message: Michael Stone: "[SECURITY] [DSA 763-1] New zlib packages fix buffer overflow"
• Next in thread: Jay D. Dyson: "Re: Peter Gutmann data deletion theaory?"
• Reply: Jay D. Dyson: "Re: Peter Gutmann data deletion theaory?"
• Maybe reply: Jeremy Epstein: "RE: Peter Gutmann data deletion theaory?"
• Maybe reply: Glenn.Everhart_at_chase.com: "RE: Peter Gutmann data deletion theaory?"
• Reply: Barbara Lockwood: "RE: Peter Gutmann data deletion theaory?"
• Reply: Simple Nomad: "Re: Peter Gutmann data deletion theaory?"
• Reply: D. Weiss: "RE: Peter Gutmann data deletion theaory?"
• Reply: Dana Hudes: "Re: Peter Gutmann data deletion theaory?"
• Maybe reply: Earnhart, Benjamin J: "RE: Peter Gutmann data deletion theaory?"
• Reply: Robin Whittle: "Re: [BugTraq] Peter Gutmann data deletion theaory?"
• Maybe reply: Robert Thompson Jr.: "RE: Peter Gutmann data deletion theaory?"
• Reply: dave kleiman: "RE: Peter Gutmann data deletion theaory?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]