On Mon, Sep 19, 2011 at 10:27 AM, Aaron Toponce <aaron.topo...@gmail.com> wrote: > On Sat, Sep 17, 2011 at 08:59:14AM +0200, Ralf Mardorf wrote: >> If you want to be safe, you need to overwrite the data several times, > > Have anything to back that up? If you're using drives that used the old MFM > or RLL encoding schemes, and had massive space for bits per linear inch, > then sure, but on today's drives, with perpindicular encoding, and the > extremely dense bit capacity, going more than once is silly.
That conclusion is not valid. All such analysis is sensitive to the value of the data. If you are going up against a serious adversary, colloquially known as "National Technical Means", then no amount of overwriting is secure. If you are going up against an ordinary thief of the machine or drive, then a single overwrite is sufficient. In fact there is no need to overwrite the entire drive when the meta-data of directories, inodes, journals, etc. is a small fraction of the entire drive. I perform this service for commercial recyclers. In addition to scrubbing techniques, some need to damage the drive by rendering it non-functional (with a hammer or a drill). Some need to destroy the drive, usually by shredding. Some need to destroy the recording medium, for which incineration tends to be the least expensive. For high security situations a combination of scrubbing and physical measures are recommended. For example, unscrubbed media that has been finely shredded can still offer recoverable data because the high density of the recording means that a very small shred may contain many intact sectors of data. > >> 'shred' does delete data several times. We hardly are able to recover >> data that one time really was deleted at home, but CSI is able to do >> this > > [citation needed] > >> and I'm not talking about the trash that is produced by Jerry >> Bruckheimer. There e.g. are real methods with lasers that make it >> possible to recover magnetic data from sledgehammer deformed HDDs and >> even a private person legally just need to pay some k of Euros to a >> company and can benefit from those methods. OTOH nobody is able to >> factorise primes, it would take 20 or 30 years to crack openPGP with a >> super computer, but if there should be delicate data on your HDDs, that >> isn't encrypted, note, it just takes some seconds to open the door of >> your flat and to get your HDD that's still in use. > > You may want to read this, as well as the references the article links to: > > http://goo.gl/5QG4U > > Claiming that you can recover data after a single pass of zeros on today's > spinning platters is urban legend. No. Consider that those organizations able to recover after a single pass with known mask pattern have a negative incentive to advertise their abilities. One pass scrubbing, even with a variable mask pattern driven by a TRNG rather than a PRNG, is ineffective because the write activity hands the adversary a complete copy of the mask pattern. A second pass to obscure the mask pattern is strongly recommended. > I guess if you like wasting your time, > go for it. I've got better things to do than do several passes on a 2TB > SATA disk, running at 30MBps, and I can sleep at night knowing that no one > will get access to the data. Why do you care how long it takes? Stick the drive in in a spare, low-end machine and let it hum for as long as it takes. Lee Winter Nashua, New Hampshire United States of America (NDY) -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/cabaahfcp5mo1c4zjenrh1wsth7hhojsm-0yuz0suxocqe2z...@mail.gmail.com
