lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: avalon at cairo.anu.edu.au (Darren Reed)
Subject: Erasing a hard disk easily

In some mail from Gary E. Miller, sie said:
> Hash: SHA1
> 
> Yo Darren!
> 
> On Thu, 15 Jul 2004, Darren Reed wrote:
> 
> > Have you ever actually used format on Solaris to format a SCSI disk ?
> 
> Yes, many times.
...
> If I have been simplifying things a bit much it is because I am
> not sure how many other folks out there have EE degrees, have advanced
> disk drive electronics experience and really need to know the nitty
> gritty details.

See below.

...
> The trick is not so much read/write percentages, like has been discussed
> here, but off-center tracking and subtle timing/speed changes.
...

Yup, this is all old news.  Have you got something new to say ?
There are papers around on what's required to read back data from a
HDD and what the methods exploit.  Something that can't be found
from a reference of Peter Gutman's home page:

http://www.cs.auckland.ac.nz/~pgut001/

Maybe if you said something about how you implemented the format, etc,
algorithms or what they did compared to what dd does, whether or not
they write "raw data" to the disk, to create a formatted track, as
opposed to just writing to the formatted blocks.  For reference, Amigas
(and other, older computers) would let you access floppies in a number
of ways, and I imagine that the hard drive would have its own for
read/write vs format or not? Can you interact with SCSI mode pages and
change what read/write gives you?  Did/do people implement that and
just not document it?

It would be nice if further email didn't sound like an extract from
your C.V./resume.  I don't need to know (or care about) how many times
you've worked for X, Y & Z, etc, or even when.  Sorry for being harsh
but I'd rather see the signal to noise ratio try and tip in the signal
direction, if possible.

Darren

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ