[svlug] 2 part Linux question

Scott Hess scott at doubleu.com
Thu Jul 10 13:49:17 PDT 2003


??? Wouldn't this be _substantially_ worse than psuedo-random data?  If
all of this stuff really works, then you should be able to model _exactly_
how each bit on the disk was impacted.  Even if you don't know the
sequence, you could probably derive the character runs, at which point you
could automagically factor their impact out.

Also, the encryption pass should remove entropy, which would make it more
statistically similar to random data, which would make anything you could
use to account for random data work.

Later,
scott

On Thu, 10 Jul 2003, Sanatan Rai wrote:
> : Marc Maxwell wrote:
> : > I am curious about a couple of things. I want to wipe
> : > data off of an IDE drive COMPLETELY, absolutely and
> : > totally gone forever and NOT recoverable.
> 
> 
> 	I can hardly claim to be an expert on this, so please bear with
> me.
> 
> 	If you write random bits on the drive, then someone can get rid
> of the noise easily by `averaging', and then use `standard' (?) data
> forensic tools to recover the data.
> 
> 	Similarly, writing the same character, 0 or # adds constant
> noise, which is also easy to compensate for.
> 
> 	Therefore, to really obscure data, write somehing definite, such
> as the complete text of shakespeare. One way is to take various text
> files containing all of Shakerspeare, the King James' version of the
> Bible, and so on.  Cat the files in random order to produce big files.
> Encrypt each, cat again to produce a huge 40GB file, and then write that
> onto your drive.  In spite of the randomness, this is not random data.
> It is very definite data, which no recovery tool can easily remove to
> get earlier data, even if the exact sequence of operations is known.
> 
> --Sanatan
> 
> 





More information about the svlug mailing list