Re: Hard Drive scrub

• Previous message: Ron Reaugh: "Re: Trojan horse Downloader.Generic.ML"
• In reply to: nemo_outis: "Re: Hard Drive scrub"
• Next in thread: Nog: "Re: Hard Drive scrub"
• Reply: Nog: "Re: Hard Drive scrub"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: 17 Jun 2005 22:18:41 GMT

"nemo_outis" <abc@xyz.com> writes:

>"someone2" <someone@somewhere.nowhere> wrote in
>news:mjDse.50345$iU.44518@lakeread05:

>>
>> "nemo_outis" <abc@xyz.com> wrote in message
>> news:Xns96784A18143F3abcxyzcom@127.0.0.1...
>>> "---" <no@spam.com> wrote in news:kXtse.1721605$6l.1632425@pd7tw2no:
>>>
>>>> Content-Type: text/plain; charset="iso-8859-1"
>>>> Content-Transfer-Encoding: quoted-printable
>>>>
>>>> I've scrubed one of my hard drives using an application that does
>>>> multiple wipes followed by a final writing of all zeros to every
>>>> sector of the hard drive.
>>>>
>>>> How can I verify that the hard drive has truely been scrubed before
>>>> I send it offiste?
>>>>
>>>> Thank you
>>>
>>> Use any of the file-recovery tools, especially the forensic ones,
>>> such as Encase, etc.
>>>
>>> This will confirm *software* unrecoverability - if someone is willing
>>> to spend serious bucks, hardware recovery may still be possible.
>>>
>>> Regards,
>>>
>>
>> Not true.
>> After a 3 times overwrite virtually nothing is recoverable by any
>> professional
>> After a 30 times over write nothing is recoverable.

Not true. The tracks on the disk can shift by small amounts.Thus the
rewrite can cover a track that is shifted from the original (eg temp
changes, electronics changes in the head positioning etc). Those small side
tracks can still have useful info on them. It hard to read, and cannot be
done with the usual disk hardware, but with special read heads or STMs
information may well be recoverable.

>>
>> If someone has the capability to recover anything of use after 7 times
>> over write I want to speak to them. I will refer DR jobs to them!
>>
>> Re the OP and his ?. Winhex or similar and examine some random
>> sectors for text or data.

>The limits of the possible in data recovery are NOT set by the commercial
>recovery houses.

>The US DoD recommends *destruction* of any HD that is to pass outside the
>agency, EVEN for those used just for general office work, let alone those
>those that once contained classified data (see, for instance, DoD
>Directive 8500.1, October 2002. The ancient DoD 5220.22-M with its
>overwrite specs was rescinded as obsolete long ago!).

>Even degaussing is viewed askance (since only the top-end units can
>handle modern high-coercivity drives, and, even then, reliability - 80+
>dB suppression - is spotty). Software methods, such as overwriting, just
>don't cut it against a serious adversary (even ignoring, for the moment,
>that things such as HD buffers - some bigger than 8 megs - may result in
>7 overwrites really only resulting in one!).

>Yes, a disk that has been overwritten many times times will not be
>recoverable by an ordinary recovery shop, but they do not use methods
>such as second-harmonic magnetoresistive microscopy and newer variants
>(since they would never be economically viable See, for instance,
>http://www.boulder.nist.gov). Ordinary users need not worry about such
>recovery methods, but they are well within the capabilities of TLAs and
>some other labs (which is why I used "may" in my post).

>If a HD contains, or has ever contained, sensitive data it should be
>destroyed, not erased, when one is finished with it. Since new drives
>cost less than $1/gig these days, anything else is madness.

Agree completely.
 And when you destroy it, make sure that you heat the platters to a high
temp.

>Regards,

• Previous message: Ron Reaugh: "Re: Trojan horse Downloader.Generic.ML"
• In reply to: nemo_outis: "Re: Hard Drive scrub"
• Next in thread: Nog: "Re: Hard Drive scrub"
• Reply: Nog: "Re: Hard Drive scrub"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]