lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
From: michael.gale at bluesuperman.com (Michael Gale)
Subject: Erasing a hard disk easily

Hello,

I believe you are referring to "scrubing" the drive. The problem is as
follows. Let's say you use the standard windows format utility that only
removes the FAT table. While all the data is still on the hard drive. Only
the "location" as to where it is kept is removed. So you just really over
write it when you reinstall.

If you use a low level format or some other disk formating utility it would
most likely just write "0" across the drive. So mathimatically you create
recover the data if you had utility that would remove a "0" from a written
disk sector.

The only way to premanitly remove data from a hard drive is to find a
scrubing utility that will repeated write random data across the drive or
area to want to remove. Just doing that same thing over and over is kind of
useless. Also you must take into account how much money would some pay to
retirieve that data ??

Format example at company I use to work for a manager had a hard drive
crash in their system. Now they did not save their work on the "U" drive
(Users drive). So it was not backed up .... they are like this is very
important data that we need to retrieve. I called the manufactoring company
and explain the HDD had crashed and I believe it was the arm motor that was
broken. I fix the arm motor only so we could recover the data was like
$2000 plus. 

At that cost the data we chose not to recover the data.

Michael.







On Tue, 13 Jul 2004 09:59:01 +1000 "Peter B. Harvey (Information Security)"
<peterharvey@...rgency.qld.gov.au> wrote:

> 
> Standard data recovery tools will be stopped by writing zeros to the disk. This includes programs such as OnTrack Data Recovery Pro.
> 
> However i have been informed that equipment exists to retrieve data that programs on a normal system cannot. Hence the writing multiple times with all 0 then all 1 then all 0 will cycle the disk so that it is virtually impossible to determine the residual data (please note all 1 means all bits are 1).
> 
> My two bits
> 
> Peter
> 
> -----Original Message-----
> From: Gregh [mailto:chows@...mail.com.au]
> Sent: Tuesday, July 13, 2004 8:20 AM
> To: full-disclosure@...ts.netsys.com
> Subject: Re: [Full-Disclosure] Erasing a hard disk easily
> 
> 
> 
> ----- Original Message -----
> From: "Maarten" <fulldisc@...ratux.org>
> To: <full-disclosure@...ts.netsys.com>
> Sent: Tuesday, July 13, 2004 7:23 AM
> Subject: Re: [Full-Disclosure] Erasing a hard disk easily
> 
> 
> >
> > An overwrite with all zeros will -allegedly- not withstand a serious
> > data-recovery attempt by professionals, not even when repeated.




> 
> I know you stated "allegedly" but this subject interests me. Many years ago,
> a good friend of mine who had been in to pirating and suddenly realised he
> could end up behind bars if he was ever caught got the shakes thinking about
> it. He deleted it all and I let him know that wasn't good enough. He got
> hold of a simple basic program that kept looping until the disk was full,
> writing a line of 80 of the number "8" to the disk making one file that got
> bigger and bigger until, ultimately, it filled the disk. Once filled, it
> would close the file and all you had to do was boot into DOS and delete it
> and the space was free once more all overwritten with the number "8"
> wherever you looked with a sector editor.
> 
> Since that time I have seen sensationalist TV shows showing how FBI and CIA
> operatives get stuff out written to a sector BEFORE the sector was
> overwritten and I honestly cannot understand how that could be, if at all
> possible. Am I right in thinking those shows are bull?
> 
> Greg.
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
> 
> This correspondence is for the named persons only.
> It may contain confidential or privileged information or both.
> No confidentiality or privilege is waived or lost by any mis transmission.
> If you receive this correspondence in error please delete it from your system immediately and notify the sender.
> You must not disclose, copy or relay on any part of this correspondence, if you are not the intended recipient.
> Any opinions expressed in this message are those of the individual sender except where the sender expressly,
> and with the authority, states them to be the opinions of the Department of Emergency Services, Queensland.
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ