Domain: anti-forensics.com
Stories and comments across the archive that link to anti-forensics.com.
Comments · 8
-
Re:Operational security
https://www.anti-forensics.com/video-opsec-for-hackers-because-jail-is-for-wu-ftpd/
God I'm slow and stupid I spent a good 30 seconds trying to figure out what this title meant.
-
Re:Why physically damage the drive?
Not that it matters. Modern hard drives are unrecoverable after one pass.
-
Re:This attitude makes me sick and I'm tired of it
http://hostjury.com/blog/view/195/the-great-zero-challenge-remains-unaccepted
http://www.anti-forensics.com/disk-wiping-one-pass-is-enough-part-2-this-time-with-screenshots
(Key quotes: Secure Deletion of Data from Magnetic and Solid-State Memory by Peter Gutmann (35 pass wipe originated from Mr. Gutmann)âoeAny modern drive will most likely be a hopeless task, what with ultra-high densities and use of perpendicular recording I donâ(TM)t see how MFM would even get a usable image, and then the use of EPRML will mean that even if you could magically transfer some sort of image into a file, the ability to decode that to recover the original data would be quite challenging.â)
(Article itself) http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html -
Or... one random pass
Wow, this was the stupidest way to get rid of an incriminating drive. Seriously, I do this with really old drives that I can't be bothered wiping, but this is the sort of thing you should be wiping.
Additionally, it doesn't even take much. Just get Darik's Boot And Nuke then boot from it, et viola.
Also remember, while DoD level security sounds awesome, I know from experience, one random pass is enough. If you don't believe me, you can read about it here page 1, page 2. It explains electron microscopes (the boogeyman of secure wiping), and other methods, will not, in all likelihood, be able to reliably retrieve, such that it could be entered into evidence.
Seriously, so stupid. Besides that, encrypt from the get go, and you're as good as done!
-
Or... one random pass
Wow, this was the stupidest way to get rid of an incriminating drive. Seriously, I do this with really old drives that I can't be bothered wiping, but this is the sort of thing you should be wiping.
Additionally, it doesn't even take much. Just get Darik's Boot And Nuke then boot from it, et viola.
Also remember, while DoD level security sounds awesome, I know from experience, one random pass is enough. If you don't believe me, you can read about it here page 1, page 2. It explains electron microscopes (the boogeyman of secure wiping), and other methods, will not, in all likelihood, be able to reliably retrieve, such that it could be entered into evidence.
Seriously, so stupid. Besides that, encrypt from the get go, and you're as good as done!
-
Re:Won't Be Long...
Yeah really:
http://csrc.nist.gov/publications/nistpubs/800-88/NISTSP800-88_rev1.pdf
Look at the bottom of Page 12 (20th page of the PDF)
Also see:
http://www.anti-forensics.com/disk-wiping-one-pass-is-enough
-
Re:These peanuts are the BOMB!
-
Re:How about: Write zeros to the disk?
False. One pass is enough. Massive linkdump:
http://www.anti-forensics.com/disk-wiping-one-pass-is-enough-part-2-this-time-with-screenshots
http://sansforensics.wordpress.com/2009/01/15/overwriting-hard-drive-data/
http://blog.epcusa.com/2009/03/data-destruction-is-one-pass-overwriting-enough/
http://itknowledgeexchange.techtarget.com/security-corner/the-great-drive-wiping-controversy-settled-at-last/