lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20050721233018.26559.qmail@mail.securityfocus.com>
Date: Thu, 21 Jul 2005 19:37:09 -0400
From: "Jared Johnson" <jaredsjazz@...oo.com>
To: <bugtraq@...urityfocus.com>
Cc: <focus-ms@...urityfocus.com>
Subject: RE: Peter Gutmann data deletion theaory?


Interesting. Well it all makes sense. I'm trying to setup a routine for our
corporation to regularly wipe our old hard drives before dumping and
donating them. It's fairly sensitive data in that if our competitors got a
hold of it, it would probably put us out of business. 

Seems that just the simple DoD standard should suffice though. 

Thanks for all your responses.

 

-----Original Message-----
From: Simple Nomad [mailto:thegnome@...c.org] 
Sent: Thursday, July 21, 2005 3:07 PM
To: bugtraq@...urityfocus.com
Cc: Jared Johnson; focus-ms@...urityfocus.com
Subject: Re: Peter Gutmann data deletion theaory?

On Wednesday 20 July 2005 18:48, Jared Johnson wrote:
> Data overwritten once or twice
<snip>

The quote is from 1996. I spoke with Guttman about this at AusCERT a few
years ago and even *he* doesn't believe it anymore. Drive technology has
changed substantially since then.

The main areas where criminals get caught with bad stuff on their drives by
forensics people is from 1) not knowing where the data is being written to
(browser cache, swap file, etc) 2) not doing any overwrite of the data as a
part of deletion, and 3) not taking into consideration such items as file
slack.

Drives that do caching and file systems that do journaling also may be a
factor. That being said, 3 wipes are "good enough for government work". DoD
5220.22-M chapter 8 subsection 306 in the Cleaing and Sanitization Matrix
shows under the Magentic Disk section that to properly sanitize a
non-removable rigid drive, that the choices of degaussing, destruction of
the drive, or a 3 pass wipe are acceptible methods for disk sanitation. Note
that the 3 pass wipe method is NOT acceptable for drives that contained Top
Secret information - so unless the drive contained Top Secret material,
you're covered.

It should be noted that this issue has been done to death on bugtraq several
times.

-- 
# Simple Nomad, CĀ²ISSP  --  thegnome@...c.org        #
# C1B1 E749 25DF 867C 36D4  1E14 247A A4BD 6838 F11D #
# http://www.nmrc.org/~thegnome/                     #




Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ