Slashdot Mirror

← Back to Stories (view on slashdot.org)

Single Drive Wipe Protects Data

Posted by CmdrTaco on from the two-wipes-are-better-than-one dept.

ALF-nl writes "A forensics expert claims that wiping your hard drives with just one pass already makes it next to impossible to recover the data with an electron microscope." But that's not accounting for the super secret machines that the government has, man.

7 of 625 comments (clear)

  1. Why are we still discussing this?! by MartinG · · Score: 5, Insightful

    Just use encryption (of your whole drive or partition) and forget about wiping it.

    It's not that hard. For example, several modern Linux distros support encrypting your entire installation out of the box.

    --
    -- MartinG To mail me: echo kewyjlcxyzvjfxbqwh | tr bcefhjklqvwxyz .@adgimnoprstu
    1. Re:Why are we still discussing this?! by dmdavis · · Score: 5, Insightful
      You encrypt it, and someone can still potentially get it, even if the probability is miniscule. Maybe the algorithm is discovered to be flawed, or they see you type your password, or they install a hardware key-logger, or while it would theoretically take thousands of years to brute force it, random chance has them guess the right sequence on the first try (it could happen). You wipe the data though, and there is no chance for anyone to get it.

      Encrypting it is definitely a good idea, but not as a replacement for wiping it.

  2. If it 'snot good enough for the feds... by davidwr · · Score: 5, Insightful

    1) next to impossible != impossible
    2) if the feds require multi-pass wipes for non-classified data and media destruction for classified data, why should I settle for anything less?

    OK, maybe this guy is right and maybe the feds are behind the times, but I'd like to see multiple independent studies come out and say this before I'm getting rid of my drive sanitizers. I mean, we all know what happens to societies when they get rid of their equipment sanitizers, don't we?

    --
    Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
    1. Re:If it 'snot good enough for the feds... by Talderas · · Score: 5, Insightful

      Unless you work for the government or military, no one would be interested enough in the data on your drives to go through the effort and cost of doing the forensic investigation to find out what was on your hard drive before the wipe.

      For those of you in Rio Linda, nobody cares about you, or your data, unless you work for the government or military.

      --
      "Lack of speed can be overcome. In the worst case by patience." --Znork
    2. Re:If it 'snot good enough for the feds... by Thaelon · · Score: 5, Insightful

      1) next to impossible != impossible
      2) if the feds require multi-pass wipes for non-classified data and media destruction for classified data, why should I settle for anything less?

      Because the government is rife with paranoid, bureaucratic nitwits with more motivation to be "safe" than is scientifically prudent, and far more motivation to further their own careers?

      And I add bureaucratic for very pointed reasons. In the beginning, suppose they had a competent CS guy deciding the policies for HD erasure, he probably figures a single zeroing is sufficient. And at the time (perhaps now too) he's correct. Then his successor wants to make in impression and put some bullet points on his resume, so he makes a big stink about "increasing security through a continuing commitment to data erasure" or some buzzword nonsense. Let's say this guy was a friend or relative of the previous guy - and not necessarily as competent. Now this did fuck all for actually making the data any harder to get at, but it furthered his career just a tiny bit. Now add 3-4 repetitions of this to the mix and you can see how the policies got to be so ridiculous. Now I am making all this up, but to me, this seems far more plausible than recovering overwritten data on a hard drive. How many times have you had trouble with your drive accidentally reading previous data from it? You know, with a drive head that was designed, redesigned, and improved over 50 years to read data from that disk.

      I don't get why people often think that the US government has super awesome technology that borders on magic in the field of computer science. In my experience they were 30+ years behind the times in some areas. Some better, some worse.

      The government is just made up of people. Like everyone else, so there's lots of human error. And since they get paid through taxes and don't have to worry about profits, they have little to no motivation to do a good job if their superior doesn't make them. It's why the government is into contracting these days, they get the job done quicker and better for less money because (in most cases) they have competition.

      --

      Question everything

  3. Re:Data destruction advice of the week by tuffy · · Score: 5, Insightful

    It's the difference between what slashdotters enjoy doing to old hard drives and what's actually required to securely destroy the data on them.

    --

    Ita erat quando hic adveni.

  4. Conflict of interests in article by xant · · Score: 5, Insightful

    The guy's a forensics expert. Of course he's going to tell you one wipe is enough. If you do more than that, he might be out of a job.

    I'm surprised he didn't say "It's cool man, just write 'DELETED' in sharpie on the case and your drive will never function again. *snicker*"

    --
    It's rare that you're presented with a knob whose only two positions are Make History and Flee Your Glorious Destiny.