Re: How secure are disk erase programs ?

From: Moe Trin (ibuprofin_at_painkiller.example.tld)
Date: 10/09/04


Date: Fri, 08 Oct 2004 17:33:55 -0500

In article <Vhv9d.211667$D%.75609@attbi_s51>, TheGoGuy wrote:
>Hehe, not quite, more the threat level of normal paranoia.
>But yes, you make a good point.

If all you are worried about is some person who will be using some
software - such as a disk editor - to find stuff on the hard drive,
virtually any application that overwrites "deleted" files. and the
"unused" space at the end of each file is probably enough. Whether
the disk space is actually overwritten once, or a hundred times
makes little difference. To "get around" that kind of wiping,
someone is going to have to gain physical access to the hard drive
and modify the electronics. A data recovery service like Ontrack
should be able to do this for a significant fee. See www.ontrack.com/

If that doesn't recover the data, then it's clean room time, vid a
much more difficult (read expen$ive) job. A disk recovery service
_MIGHT_ be able to do this - but now we''re getting into forensics.
See http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html which
is the classic paper on this problem.

There are several ways to _AVOID_ the problem. The first. and cheapest
way is to simply not put "sensitive" data on the computer in the first
place.

If you must put the data onto the computer (doesn't matter if it's on
the hard disk, or a floppy), know that the data MAY have been written
to a disk swap file. Consult the documentation of your operating system
(not everyone uses windoze) and the applications. Some have ways of
disabling swap (also known as "virtual memory"). If you can't control
this, or are unable to determine this is a problem, assume that this
data has been stashed to disk, and act accordingly.

If you can disable swap, and must use the computer, use a disk
encryption program, AND KEEP THE PASSWORD/KEYS ELSEWHERE. It's a
total waste of time/effort if you encrypt the file/disk/whatever,
and tell the computer to remember your password and automatically
decrypt the data when needed. You might think this is insane, but
the world is full of fools who do this. If you use a strong (which
means something that has been "peer reviewed" - ruling out anything
that comes from Microsoft), you are going to make it much more
difficult for the competitors who steal your laptop that has the
secret formula for FooBar Cola. But remember this .sig:

The two most common things in the universe are hydrogen and stupidity.
                                     -- Harlan Ellison

       Old guy



Relevant Pages

  • Re: Windows 2003 Dynamic Disk Emergency
    ... I have to assume the drive's MBR has a structure problem -- you should ... The structure of an MBR-format dynamic disk is quite different from ... but you will have to contact a recovery service to proceed further. ...
    (microsoft.public.windows.server.general)
  • Re: Calling all Windows Pros (Scandisk and MP3s)
    ... There are a number of disk editor tools available, ... > I dont have any specific reccommendations. ... > The other option is a paid for recovery service eg ondata, ... >> individuals have expierenced this same issue with other hard drives. ...
    (microsoft.public.win2000.general)