Slashdot Mirror

← Back to Stories (view on slashdot.org)

Single Drive Wipe Protects Data

Posted by CmdrTaco on from the two-wipes-are-better-than-one dept.

ALF-nl writes "A forensics expert claims that wiping your hard drives with just one pass already makes it next to impossible to recover the data with an electron microscope." But that's not accounting for the super secret machines that the government has, man.

10 of 625 comments (clear)

  1. Sure... by MyLongNickName · · Score: 5, Interesting

    That's what they WANT you to think.

    In all seriousness. If the government wants to get information, they are not going to the trouble of an electron microscope to look at your hard drive. I'm sure they have other methods of extracting the information they want. While this information (about how many wipes you need) is interesting from a theoretical point of view, it is useless from a practical one.

    --
    See my journal for slashdot ID's by year. Mine created in 2005. http://slashdot.org/journal/289875/slashdot-ids-by-year
  2. some subject by Zironic · · Score: 4, Interesting

    I thought this would be fairly obvious from the fact there doesn't exist any recovery services that will recover zerod out data for you, at most they can usually try to recover data that has been deleted(forgotten) by the operating system.

  3. Pre-scrambling drive by davidwr · · Score: 4, Interesting

    It says data written to a pristine drive is much easier to access.

    If drive-manufacturers wrote random data to their drives 2 or 3 times before shipping, I wonder if this would help?

    Combine this with OS-level "overwrite with random after delete" or, to allow for "oopsies," delayed-overwrite after delete but before next use, the problem of "ghost data" in unallocated drive space could mostly disappear.

    Of course, there are other issues, like data internal to a file that is no longer current, data in paged-memory files, and data on backup media, but that's outside the scope of the "I deleted the file, it should be gone but it's not" problem.

    --
    Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
  4. If you are able to do it by JeanBaptiste · · Score: 5, Interesting

    These guys will give you 500 bucks

    which is surely worth the time and effort involved in something like this.

  5. Re:Why are we still discussing this?! by rendermaniac · · Score: 4, Interesting

    Or a magnetic fish tank cleaner (true story - happened to my brother in law).

  6. *shakes his head* by Notabadguy · · Score: 5, Interesting

    I can't help but sit here shaking my head in some disbelief at the comments I've read on this thread. Slashdotters are a technologically savvy community for the most part, and I lost track of the number of times that I saw something to the effect of "The government probably has means/software/tools/hacks to get your info."

    Now, I've done extensive work *for* the government in the realm of computer forensics, which is as far as I'll elaborate, and the tools we use are commercially available. Were anyone so inclined, you could even attend or get notes on FBI or DoD taught digital forensics classes.

    There's nothing wrong with some good old fashioned suspicion or conspiracy theory, but the *one* area that slashdotters should be mostly competent and knowledgeable on has more of those wild ideas than anywhere else.

  7. My wipe is better :-) by BrokenHalo · · Score: 5, Interesting

    I used to be a blacksmith, and I still have a nice little power-hammer in my workshop that delivers the clout of a 500 lb sledgehammer. I would be willing to bet that my way of disposing of my old disk drives, which involves heating it to about 800 degrees C in my forge and giving it a few taps with that mother would defeat the most earnest efforts of the NSA, since the drive comes out about the thickness of tin-foil.

    Disclaimer:
    The NSA has no jurisdiction here in Australia, (yet) and...
    They would probably be bored by the contents of my drives anyway, and...
    Yes, I am aware that that temperature will demagnetise the platters, but...
    It's good fun to do anyway: shiny hot things and lots of noise. :-)

    1. Re:My wipe is better :-) by CthulhuDreamer · · Score: 4, Interesting

      I was the sole IT guy at my last place, a financial institution that went through a large amount of defective and obsolete hard drives. Not wanting to spend the time erasing the drives, I would just take them out back and hit it with a sledge a couple times until the platters exploded.

      As a financial institution, we were subject to frequent audits, one of which dealt with our data destruction methods. I described our "process" to an auditor once, he laughed and asked what our real process was. Still not believing me, he brought up the same question to one of our VPs. Her straight-faced answer: "Ive seen him out in the parking lot with a sledgehammer a few time, I always wondered what he was using it on."

      The next year, they sent a different auditor.

  8. Re:One wipe is not enough. by Anonymous Coward · · Score: 5, Interesting

    There are many MANY reasons to want to wipe data that doesn't implicate you in a crime.

    Hiding your data is important to prove your innocense (or support, at least). Imagine they "find" some data in your "possession" (officer swears the DVD of images was on your desk). Or your soon-to-be-ex left it to settle a bitter custody dispute. Now imagine every bit of your data is encrypted beyond their comprehension. Will a jury believe that you have everything - including your inane personal diary - encased beyond their reach but left super-incriminating evidence out in the open? Unless they can tie that DVD to you via a purchase, I think you have a good case. Imagine any other instance where someone wants to manipulate your data to their advantage. Like it or not, encryption/wiping/security is to prevent implications in crimes. This is true whether or not you have committed any.

  9. Re:RoHS has fixed this problem for us. by delirium+of+disorder · · Score: 4, Interesting

    I've worked in the electronics industry too. You might get tin whiskers if you use an immersion tin finish on the board and a tin solder for the assembly, but you don't need to do that to get a RoHS compliant product. There are immersion gold, immersion silver, and other leadfree solder finishes available. Modern leadfree solder alloys don't have the same kind of problems with tin whiskers as earlier ones. Reflow heating should be preformed as well. Effective conformal coating can also reduce the risk of whisker growth. Another issue is that many vendors lie or don't properly track how their components are made. Don't trust the sales people! Test your parts yourself to make sure that they comply with the specs that you ordered.

    I support the adoption of RoHS in the USA because I've seen how corporations ignore the safety of their employees and customers with regard to hazardous materials such as lead. Strong democratic unions could be used to keep companies honest, but currently American unions tend to be too corrupt and weak to be able to change the industry.

    --
    ------ Take away the right to say fuck and you take away the right to say fuck the government.