lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20050722165453.3802.qmail@securityfocus.com>
Date: 22 Jul 2005 16:54:53 -0000
From: underwood-de@...mail.com
To: bugtraq@...urityfocus.com
Subject: Re: RE: Peter Gutmann data deletion theaory?


I was in charge of a stand alone, 125 user, authorised to process up to and including secret, network for a number of  years. Our cable infrastructure was fiber from server to the desktop with the only exposed piece of fiber being the LAN connection from PC to the box. The hard drives were removeable, were locked up every night and random patrols were done nightly as well.

We were not allowed to do a seven pass government wipe to dispose of the drives as our security people deemed it inadequate, we turned them over to our classified waste people who stored them until there were enough to justify having the platters removed and mechanicaly beaten into little lumps of metal.

It does come down to a proper Risk Threat Assesment, how valuable is your data and in our case how politicaly and militarily sensitive is it.

I personaly was quite happy that we were not responsible for ensuring the cleanliness of the drives when they went for disposal.


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ