They sold you a product that is available free (i.e. OpenOffice). They charged you $150.
Yes, they probably make quite a lot of money.
They sold you a product that is available free (i.e. OpenOffice). They charged you $150.
Yes, they probably make quite a lot of money.
Ironically for this forum, all the talk about more than one overwrite pass needed to totally wipe data is actually anecdotal and has never been shown to be true. I'd post a link to a page I wrote discussing this topic but...first post, can't post links - you know the drill.
The idea that you need multiple numbers of overwrite passes is based on an old paper written on theoretical data recovery on hardware made about 10 years ago or more. As you can imagine, very few hard drives are still in use today that were made a decade ago.
If it helps, as a long-time lurker I finally registered just so I could speak on this topic.
For nuking disks, I'd recommend a DBAN bootdisk. A single overwrite pass with that will mean that no-one on the planet is getting your data back.
The idea that you need multiple numbers of overwrite passes is based on an old paper written on theoretical data recovery on hardware made about 10 years ago or more. As you can imagine, very few hard drives are still in use today that were made a decade ago.
If it helps, as a long-time lurker I finally registered just so I could speak on this topic.
For nuking disks, I'd recommend a DBAN bootdisk. A single overwrite pass with that will mean that no-one on the planet is getting your data back.
post without the http:// on it. we can copy/paste the url.
Here's a link to the original paper I believe you're referring to:
http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html
It mainly deals with recovering data from MFM or SPM encoded drives (no longer used). In the epilogue the author talks about more modern drives:
"For any modern PRML/EPRML drive, a few passes of random scrubbing is the best you can do. As the paper says, "A good scrubbing with random data will do about as well as can be expected". This was true in 1996, and is still true now."
Not sure when the epilogue was written.
DBAN available here:
http://dban.sourceforge.net/
Well, I _do_ refer to that rather elderly article. But the page in question is shsc.info/DataRecovery
What I thought was ironic about the discussion here is that there is no physical evidence of anyone on the planet ever manging to recover a useful amount of overwritten data. And by "useful", I mean anything more than a few bytes. Reliability of recovered data is woeful. If anyone knows of anyone other than Professor Gomez at the Uni of Maryland, please let me know. He seems to be the only one who has bothered cracking out the STEM to give it a go.
So to me, as someone who has a vested interest in the field and has done rather a lot of asking around on the topic, it is very similar to dowsing
clickable version of your page:
http://shsc.info/DataRecovery
no disagreement that the software tools listed on your page won't recover a single pass, but I think (with, as you point out, no real proof yet) hardware forensics tools could recover from a single overwrite, especially when overwritten with known data.
In digging around a bit I've found an interesting bit of trivia. You ask "So why does the Department of Defense specify that huge multi-pass overwrite if one is enough?"
As far as I've been able to find the DOD doesn't actually recommend multi-pass overwrite. They only allow destruction.
The document cited is frequently: DOD 5220.22-M
Which can be found online here:
http://www.dss.mil/isec/nispom.pdf
See chapter 5, section 7 (page 51 of the pdf). No mention of multiple passes of hard drives that I can find. Just destruction.
http://shsc.info/DataRecovery
no disagreement that the software tools listed on your page won't recover a single pass, but I think (with, as you point out, no real proof yet) hardware forensics tools could recover from a single overwrite, especially when overwritten with known data.
In digging around a bit I've found an interesting bit of trivia. You ask "So why does the Department of Defense specify that huge multi-pass overwrite if one is enough?"
As far as I've been able to find the DOD doesn't actually recommend multi-pass overwrite. They only allow destruction.
The document cited is frequently: DOD 5220.22-M
Which can be found online here:
http://www.dss.mil/isec/nispom.pdf
See chapter 5, section 7 (page 51 of the pdf). No mention of multiple passes of hard drives that I can find. Just destruction.
Molinaro
Illuminator
- Joined
- Dec 7, 2005
- Messages
- 4,781
Being someone who *hates* opening .pdf links.. I'll offer a nice .htm page that includes a nice little summary matrix of the Military Specs for various storage mediums:
http://www.killdisk.com/dod.htm
http://www.killdisk.com/dod.htm
HTML versions (and Word doc versions if you're a masochist) of the whole thing are here:
http://www.dss.mil/isec/nispom.htm
Now what's odd is that cleaning/sanitizing matrix is in the 1995 version, but seems to be removed from the updated version. I don't think that is part of official policy anymore. And the old matrix itself states 3 passes is sufficient but shouldn't be used for really secret things.
And as Gromit points out there isn't any real evidence (that I've found) of one-pass drives being recovered. I'll stick with my 3 passes as it isn't really that much more. I never bought into the 20 pass crap anyway.
That's the unsual thing, isn't it. On a sceptic web forum, where proof is king, people still hold onto the "more than one overwrite is needed" thing even though no evidence shows it.
kevin: No, there is no hardware recovery solution available. The best people in the world to handle it is probably Kroll OnTrack - they are who the US military and the NSA use for data recovery. I hate to think what hurdles they needed to jump through in order to get the clearance.
But they can no more recover once-overwritten data than you or I. As a computer forensic analyst, I'm in contact with an international body of people with an interest in this field and no-one has been able to find ANY evidence of this kind of recovery being possible.
Given that, why do people cling to this enduring belief? (Or rather, when asked to precure evidence and fail to do so.) Why is it treated differently to that of more classicly paranormal claims? Just because it relies on fantastical statements based on real physics, rather than blatant pseudo-scientific claptrap?
I'm not expecting to change people's minds here, much the same as a lot of posters here don't think that they will change a woo's opinion, I guess. Excuses will always be forthcoming, the most popular, of course, being "the guvmint can do it, but they don't tell no-one."
Don't get me wrong - I WANT this to be a reality. I have several homicide cases that could do with the information. I'm not holding my breath, however.
kevin: No, there is no hardware recovery solution available. The best people in the world to handle it is probably Kroll OnTrack - they are who the US military and the NSA use for data recovery. I hate to think what hurdles they needed to jump through in order to get the clearance.
But they can no more recover once-overwritten data than you or I. As a computer forensic analyst, I'm in contact with an international body of people with an interest in this field and no-one has been able to find ANY evidence of this kind of recovery being possible.
Given that, why do people cling to this enduring belief? (Or rather, when asked to precure evidence and fail to do so.) Why is it treated differently to that of more classicly paranormal claims? Just because it relies on fantastical statements based on real physics, rather than blatant pseudo-scientific claptrap?
I'm not expecting to change people's minds here, much the same as a lot of posters here don't think that they will change a woo's opinion, I guess. Excuses will always be forthcoming, the most popular, of course, being "the guvmint can do it, but they don't tell no-one."
Don't get me wrong - I WANT this to be a reality. I have several homicide cases that could do with the information. I'm not holding my breath, however.
jimlintott
Master Poster
- Joined
- Jun 9, 2002
- Messages
- 2,893
I never really gave it much thought before as it wasn't much of an issue to me personally but you are right. A little research shows that there is no evidence of extreme data recovery working. One article I read discussed the electron microscope idea and clearly showed that it could take years to recover even a small amount of data.
Interesting points. If NSA could decipher erased data more effectively than you are suggesting it would seem to me to be worthy of the highest level of security classification. I would also be worthy of a subtle and confusing disinformation campaign, no?
Do a keyboard error and then go to the bios screen and exit out of it without going to windows and format from that dos prompt.
Or just simply go to your bios screen selection if you know how to...
Their are different levels of "cuckoo" science. You've equated my statements to that of dowsing. I think a better comparison is to the Vitamin C claims.
Everyone agrees that Vitamin C is necessary. You get any and you get scurvey. But what about claims that taking way more prevents cancer, heart disease, etc....
With Vitamin C (or dowsing) claims I can point to a body of peer-reviewed scientific studies showing it does NOT work.
Now we both agree a single-pass data wipe is necessary. Now what about claims that more passes are need to ensure the data can't be read back.
I can point to one paper whose author claims multiple passes are still needed for drives.
The best you can provide is what lawyers call hearsay evidence that would not be presentable in court, or usable in a peer-reviewed paper.
The ONLY difference between our two methods is that mine takes 3 times longer. Until you can provide real EVIDENCE, not hearsay, of someone trying this, what equipment and methodology they used then I'll have to stick with my way.
And I've presented no supernatural claims. My claim is that when a magnetic field that is changed, their may still be evidence of it's previous state. This is a known fact of physics. The question is, with the current methods used to encode data on the drive is there enough evidence on the drive to recover this previous state. And if there is, how many times do you have to change the state in order to remove that evidence. The question comes down to one of technological ability, not supernatural claims.
this only destroys data in the immediate area of the hole. most of the disk is still recoverable. Shattering (in enough pieces to make reassembly difficult) or melting the platters is preferrable for drive destruction.
jimlintott
Master Poster
- Joined
- Jun 9, 2002
- Messages
- 2,893
Really, I would have thought that all the debris and damage caused by drilling would take out the heads in a heart beat. Isn't it almost impossible to move platters from one drive to another due to them needing extremely precise alignment?
Actually what I'm pointing out is your "evidence" is a purely theoretical paper that is based on technology that is not in use any more. You also have ZERO evidence of this method working on current equipment, whereas there are a variety of documents written by people in the data recovery industry who agree with it not being possible.
You can't just say something is possible with no proof. Do I really need to say this here?
Still, if you can show me that it can be done, I'm all ears.
Please keep in mind that the Gutmann article was written a decade ago about hard drive tech that was already old at that time.
Wait a minute! You are making a bold statement about something that has never been shown to work and _I'm_ the one that has to show some evidence? You can't show a single case, anywhere, where someone has recovered overwritten data to a useable degree and all of a sudden I'm the one with the burden of proof? Come on - now I know you're yanking my chain.
Still, believe what you want to believe. I'm just amused to see the parallels between this how other people's beliefs are handled in this forum.
As soon as someone shows me that they have recovered data in this way, I will shut my big fat mouth. Gladly, too, as my job just got a hell of a lot easier.
Last edited:
egslim
Graduate Poster
- Joined
- Nov 26, 2002
- Messages
- 1,858
For what it's worth, until someone shows evidence to the contrary you've convinced me.
It makes a lot more sense. First, it is my impression the government is generally technologically behind private companies and definately seldom ahead. Second, with multiple GB discs it would be a lot of work to repair every single bit after it has been overwritten once, one at a time. I imagine the traces of previous information would be lost in the noise due to QM effects.
It makes a lot more sense. First, it is my impression the government is generally technologically behind private companies and definately seldom ahead. Second, with multiple GB discs it would be a lot of work to repair every single bit after it has been overwritten once, one at a time. I imagine the traces of previous information would be lost in the noise due to QM effects.