[unisog] Wiping hard drives before computer transfer

Saqib Ali docbook.xml at gmail.com
Mon Nov 28 02:57:39 GMT 2005


Similar topic on SecurityFocus' Security Basic Mailing List:

http://www.xml-dev.com:7070/thread/20051125.020305.50bb4829.en.html

But it relates to Bkup tapes.

On 11/27/05, Bradley Ellis <Bradley.Ellis at its.monash.edu.au> wrote:
> Hi,
>
> In a lot of ways, I like to make life simple - So when disposing
> of failed disks the following come to mind:
>
>         Is the drive still working ?
>                 - Disk wiping can be used easily.
>
>         Does the drive contain really confidential stuff ?
>                 - consider physical disk destruction.
>
>         How much does wiping vs destruction and replacement cost ?
>         Taking into consideration people's time, certification
>         efforts that the data has been removed, etc.
>
> In many cases - replacing the $AU80 hdd with another and
> physically destroying the old disk with a destruction service
> is cheaper overall than the efforts to wipe the disk to any
> reasonable degree.
>
> This to me simplifies the whole process and saves having to
> worry about:
>
>         * Encoding format as different formats may need different
>           input streams for optimal erasure.
>
>         * Off track data leakage - the data stored in the areas a
>         little either side of the track. (Disk heads are accurate,
>         but there is nearly always some off track data leakage.)
>
>         * Potential Recovery due to partial overwrites.
>
> Sure, disk erasure commands that are part of proposals where
> the drive electronics can perform an erase of the disk in a couple
> of modes are interesting and may offer some benefits.
>
> But even when (if) this becomes mainstream, I still like the
> idea of keeping things simple from a daily operations point of view.
>
> The forensics discussions are fun, but I wouldn't want to have
> them everyday.
>
> Regards,
> Brad.
>
>
> > -----Original Message-----
> > From: unisog-bounces at lists.sans.org
> > [mailto:unisog-bounces at lists.sans.org] On Behalf Of Daniel Feenberg
> > Sent: Saturday, 26 November 2005 10:22 AM
> > To: UNIversity Security Operations Group
> > Subject: Re: [unisog] Wiping hard drives before computer transfer
> >
> >
> >
> > On Fri, 25 Nov 2005, Carl Miller wrote:
> >
> > > In regard to
> > > http://www.dshield.org/pipermail/unisog/2003-January/010022.php
> > >
> > > "Gutmann explains that when a 1 bit is written over a zero bit, the
> > > "actual effect is closer to obtaining a .95 when a zero is
> > > overwritten with a one, and a 1.05 when a one is overwritten with a
> > > zero"."
> > >
> > >
> > > Actually, he compared over-writing both a 0 and 1 with a 1, not as you
> > > say "a 1.05 when a one is overwritten with a zero".
> > >
> > > He described it all in terms of over-writing with a 1.
> > >
> >
> > Thank you. A corrected and enlarged version of my essay "Can
> > Intelligence Agencies Read Overwritten Data" has been available at
> >
> >   http://www.nber.org/sys-admin/overwritten-data-gutmann.html
> >
> > for several years. I am always interested in additional
> > information on the feasibility of reading overwritten disk
> > sectors, but so far I have not heard from anyone claiming to
> > have done so, or referring me to someone who has done so.
> >
> > By coincidence, we recently had 24 SCSI drives filled with
> > confidential data to discard, and ended up drilling the
> > platters, simply because it was much easier than mounting
> > them once the computer that had controlled them died.
> >
> > Daniel Feenberg
> >
> >
> > _______________________________________________
> > unisog mailing list
> > unisog at lists.sans.org
> > http://www.dshield.org/mailman/listinfo/unisog
> >
>


--
In Peace,
Saqib Ali
http://www.xml-dev.com/blog/
Consensus is good, but informed dictatorship is better.


