Subject: Re: securely erasing a hard disk
To: Philip Jensen <email@example.com>
From: Ken Seefried <firstname.lastname@example.org>
Date: 10/21/2005 00:12:24
Philip Jensen wrote:
>I am wanting to understand the risk outlined in this paper:-
Wether or not this a "risk" that you should care about depends on your
unique threat environment.
Yes...there exists technology to recover information otherwise thought
deleted from a hard disks and other media (cds, tapes, etc.). This is
not news...it's been a subject of interest since the beginning of
computer storage. I did my time 20 years ago or so with an obscenely
powerful bulk eraser (electromagnet) and a metric ton or so of 9-track
reel tapes (universities are cheap, and it's cheaper to get a student
intern to erase tapes, and irridate their gonads till they glow, than to
buy new tapes...I was engaged to a nuclear physicist at the time...I'm
not kidding about the glowing gonads). Amazingly, I subsequently had a
child who so far seems to be perfect. I've clearly used up any and all
karma I might have stored up...
P.S. - Okay...I was actually kidding. I know that electromagents won't
induce glowing to gonads. It was a joke. Let it go. Don't send me
hate mail. The cesium that my
then-finace-that-got-smart-and-got-rid-of-me spilled all over the place
in the campus nuclear reactor might, however, have caused her 'nads to
glow. Or not. It was 20 years ago. I hear she had normal kids,
too...probably really attractive and smart ones. Don't send me hate
mail. Only public ridicule lives down that path.
>Is it widely acknowledged that a disk (or file) needs to be
>overwritten up to 30 times in order to remove any traceable
>information on the magnetic media for the file?
There are any number of theories about what will really delete
information from a disk. Most of them, as far as I can tell, make bad
or outdated assumptions about the underlying storage device. That
is...they don't work except against trivial recovery efforts. There are
tools that anyone can get to recover normally deleted files. There are
companies that can recover more agressively deleted data for a price.
There are government entities that can do vastly more.
If this is really, truly an issue for you (and it probably isn't), keep
your naughty bits on media that you can quickly physically destroy.
Burning tapes or cds is good; sandblasting hard disk platers is normal.
N.B. - shredding CDs or breaking up disk platters isn't enough for
really dedicated recovery efforts.
>If so, then does the -P switch for the NetBSD rm command really
>provide the "security" of data erasure people think they are getting?
>Or should the man page have an addition of "If you are serious about
>removing all traces of this file then ......."?
Others have pointed out how problematic this solution is.
>Lastly, how long would it take to retrieve the contents of a disk (or
>file) which has been overwritten with `dd if=/dev/zero of=/dev/rsd0c`?
Well, that depends. Is the recovering agent "Ken in his basement" or
"the NSA with an axe to grind"? "How long" is radically different
depending on your answer.