Re: Hard Drive scrub

From: Nog (nognog_at_adelphia.net)
Date: 06/22/05 

Date: Tue, 21 Jun 2005 20:03:18 -0400

http://www.micro2000.co.uk/products/eraserdisk/features.htm

"Unruh" <unruh-spam@physics.ubc.ca> wrote in message
news:d8vi81$et$1@nntp.itservices.ubc.ca...
> "nemo_outis" <abc@xyz.com> writes:
>
>>"someone2" <someone@somewhere.nowhere> wrote in
>>news:mjDse.50345$iU.44518@lakeread05:
>
>>>
>>> "nemo_outis" <abc@xyz.com> wrote in message
>>> news:Xns96784A18143F3abcxyzcom@127.0.0.1...
>>>> "---" <no@spam.com> wrote in news:kXtse.1721605$6l.1632425@pd7tw2no:
>>>>
>>>>> Content-Type: text/plain; charset="iso-8859-1"
>>>>> Content-Transfer-Encoding: quoted-printable
>>>>>
>>>>> I've scrubed one of my hard drives using an application that does
>>>>> multiple wipes followed by a final writing of all zeros to every
>>>>> sector of the hard drive.
>>>>>
>>>>> How can I verify that the hard drive has truely been scrubed before
>>>>> I send it offiste?
>>>>>
>>>>> Thank you
>>>>
>>>> Use any of the file-recovery tools, especially the forensic ones,
>>>> such as Encase, etc.
>>>>
>>>> This will confirm *software* unrecoverability - if someone is willing
>>>> to spend serious bucks, hardware recovery may still be possible.
>>>>
>>>> Regards,
>>>>
>>>
>>> Not true.
>>> After a 3 times overwrite virtually nothing is recoverable by any
>>> professional
>>> After a 30 times over write nothing is recoverable.
>
> Not true. The tracks on the disk can shift by small amounts.Thus the
> rewrite can cover a track that is shifted from the original (eg temp
> changes, electronics changes in the head positioning etc). Those small
> side
> tracks can still have useful info on them. It hard to read, and cannot be
> done with the usual disk hardware, but with special read heads or STMs
> information may well be recoverable.
>
>>>
>>> If someone has the capability to recover anything of use after 7 times
>>> over write I want to speak to them. I will refer DR jobs to them!
>>>
>>> Re the OP and his ?. Winhex or similar and examine some random
>>> sectors for text or data.
>
>
>>The limits of the possible in data recovery are NOT set by the commercial
>>recovery houses.
>
>>The US DoD recommends *destruction* of any HD that is to pass outside the
>>agency, EVEN for those used just for general office work, let alone those
>>those that once contained classified data (see, for instance, DoD
>>Directive 8500.1, October 2002. The ancient DoD 5220.22-M with its
>>overwrite specs was rescinded as obsolete long ago!).
>
>>Even degaussing is viewed askance (since only the top-end units can
>>handle modern high-coercivity drives, and, even then, reliability - 80+
>>dB suppression - is spotty). Software methods, such as overwriting, just
>>don't cut it against a serious adversary (even ignoring, for the moment,
>>that things such as HD buffers - some bigger than 8 megs - may result in
>>7 overwrites really only resulting in one!).
>
>>Yes, a disk that has been overwritten many times times will not be
>>recoverable by an ordinary recovery shop, but they do not use methods
>>such as second-harmonic magnetoresistive microscopy and newer variants
>>(since they would never be economically viable See, for instance,
>>http://www.boulder.nist.gov). Ordinary users need not worry about such
>>recovery methods, but they are well within the capabilities of TLAs and
>>some other labs (which is why I used "may" in my post).
>
>>If a HD contains, or has ever contained, sensitive data it should be
>>destroyed, not erased, when one is finished with it. Since new drives
>>cost less than $1/gig these days, anything else is madness.
>
> Agree completely.
> And when you destroy it, make sure that you heat the platters to a high
> temp.
>
>
>>Regards,
>

Relevant Pages

  • Re: FileCopy overwrites the existing file
    ... Perhaps the possibility of recovery depends on how long ... the data stays on the disk before overwrite. ... Another solution to the "safe erase" problem - full disk encryption. ... company's secret (and top data recovery companies cooperate strictly ...
    (microsoft.public.win32.programmer.kernel)
  • Re: FileCopy overwrites the existing file
    ... the statement like " any good data recovery company can do it ... only by disk incineration..... ... I recall reading some newer document stating 3-times overwrite is ...
    (microsoft.public.win32.programmer.kernel)
  • Re: FileCopy overwrites the existing file
    ... the ntdev newsgroup where two people who work for a hard drive company read ... This is the reason why no data recovery company ... only by disk incineration..... ... I recall reading some newer document stating 3-times overwrite is ...
    (microsoft.public.win32.programmer.kernel)
  • Re: Is it HighPoint, is it Seagate, or is it Windows 2000 Professional
    ... I have really learnt about the uses and limits of RAID. ... Use all the manufacturer recommended system recovery ... provisions -- Emergency Disk, have a DOS boot disk ready, ... what could cause Windows to suddenly change its mind ...
    (microsoft.public.win2000.setup)
  • Re: FIXMBR redux
    ... The disk image fileset is not itself usable to boot ... > As far as the boot menu asking whether to select Windows XP or Recovery ... > the Recovery Console interface (but that won't eliminate the Recovery ...
    (microsoft.public.windowsxp.basics)