[svlug] 2 part Linux question

Scott Hess scott at doubleu.com
Thu Jul 10 01:28:29 PDT 2003


Remember that it's all a matter of how important it is to protect the data
from prying eyes - keep some perspective!  If you're selling the drive to
someone you have no reason to believe is "after" you, then simply dd'ing
/dev/zero over it is probably sufficient.  Use scrub or shred just for
some free additional safety.  Bob194 in Memphis isn't going to buy your
drive and head downstairs to decode 40Gigabytes of data using his MFM,
just on the off chance that there's some juicy Quicken data or porn in
there.

Same goes if you're worried about someone finding compromising stuff on
your disk.  If someon's willing to spend tens (hundreds?) of thousands of
dollars to decode your data at this level, it's very likely that they can
nail you on some other front.  The only people I'd be particularily
worried about are Three-Letter Agencies, and PhD candidates, and I doubt
even PhD candidates are going to analyse an entire disk.  If it's TLA's
you're worried about, well, it's a little too late to be asking this
question!

That said, any drive old enough to have much interesting data is probably
old enough to be almost worthless.  Take it apart and melt those platters!

Later,
scott

PS: Yeah, sure, I'm hopelessly naive.



On Thu, 10 Jul 2003, Mark C. Langston wrote:
> On Thu, Jul 10, 2003 at 09:05:42AM +0200, David N. Welton wrote:
> > Marc Maxwell <maxwellmarc at yahoo.com> writes:
> > 
> > > I am curious about a couple of things. I want to wipe data off of an
> > > IDE drive COMPLETELY, absolutely and totally gone forever and NOT
> > > recoverable.  I have recently learned to my dismay that formats and
> > > even the utilities that write ones and zeroes to the drive, are
> > > really not completely erasing the data.
> > 
> > My friend Salvatore Sanfilippo wrote something along those lines:
> > 
> > http://www.kyuzz.org/antirez/overwrite.html
> > 
> > 'shred' is also shipped as one of the GNU tools
> > 
> 
> 
> It's important to remember that medium hysteresis, as well as techniques
> such as magnetic force microscopy and interferometry allow data
> overwritten in these manners to be recovered.  Physical destruction of
> the platters and subsequent reduction of the remnants is the only way to
> be absolutely certain no data may be recovered.
> 
> See Peter Gutmann's 1996 USENIX Security paper, "Secure Deletion of Data
> from Magnetic and Solid-State Memory" for further details on techniques
> for both deletion and recovery of data.
> 
> 
> 






More information about the svlug mailing list