lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: gem at rellim.com (Gary E. Miller)
Subject: Erasing a hard disk easily

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Yo Darren!

On Thu, 15 Jul 2004, Darren Reed wrote:

> Have you ever actually used format on Solaris to format a SCSI disk ?

Yes, many times.  The first time within a year or two of when they were
founded.  Their HQ was less than a mile from my old offices in Mountain
View.  One of my best friends sold them all their DRAM for the first few
years.  He would personally fly to Japan, swap an envelope of cash for
the DRAM and fly back with the DRAM in his briefcase.

I probably formatted my first scsi disk on a UNIX system in 1982 on a
Charles River Data Systems box.

I have also many times had to move disks from UNIX systems to DOS
systems for low level recovery.  This because many companies only
provide low level bad block tools as DOS .exe files.

If I have been simplifying things a bit much it is because I am
not sure how many other folks out there have EE degrees, have advanced
disk drive electronics experience and really need to know the nitty
gritty details.

> I ask because your comments here make it seem like you have not...and the
> lack of that experience shows in the rest of your comments, too...

Hmm, so I guess when Priam, Seagate, Shugart, Maxtor, Memorex, etc. paid
me to write low level hardware tests for their disk drive production
lines they hired the wrong guy huh?

When I consulted to Priam I worked next to the room where they kept
the magneto-optical interferometer.  Engineers would pull the platter
out of a marginal drive and place in on a spindle.  The spindle of the
interferometer sat on a 6" thick granite table set on big air donuts on
a solid steel frame.  The steel frame sat on a special piece of solid
concrete that was isolate from the building foundation and sat directly
on the underlying soil.  It was so sensitive that if a big truck drove
by on Oakmead Parkway they could see it in their results.  Sort of
understandable considering the land was sorta swampy before they built
the industrial park just south of Alviso.  They claimed they could read
the last 7 to 10 passes on the track by the residual magnetism on the
disk.

The trick is not so much read/write percentages, like has been discussed
here, but off-center tracking and subtle timing/speed changes.

If one pass is written a few % points of track width to the inside
on one pass and a few % to the outside on the next.  The
interferometer was sensitive enough in width to profile the overlapping
tracks.  When you looked at the results it was if you had tried to
draw a pencil line on top of another pencil line.  The small differences
were detectable and discernable as two separate lines.

The second effect is a peak effect.  Contrary to popular opinion, disk
drives do NOT write ones and zeros.  For one thing disks, like T1 lines,
are an AC medium and not a DC medium.  So encoding it used to keep the
frequency spectrum to/from the heads in a narrow range to allow for
effective filtering.  Then, to increase density, special codings are
used, like MFM, RLL, ARLL, etc.  What goes on the disk is measured in
terms of flux reversals and flux peaks.  In RLL 1,7 as many as 7 bits
may be encoded with a single flux reversal.

Here is a good reference on RLL encoding as used on disks:
	http://duplex.hypermart.net/books/hards/002-004.html

The analogy is not exact, but you can think of it like a modem.  NO
analog POTS modem has a BAUD (symbol) rate over 2400.  But you get the
BIT rate up to 56,000 by encoding more than one BIT per BAUD (symbol).
If this is unclear you should spend the $$, buy the relevant ITU
specs for V.32 and read them.

When you re-write a disk the flux reversals and flux peaks of the new
data will not line up over that of the last data.  Even if you write
the same data twice, there will be subtle differences in clock speed and
spindle speed that means the new data will not line up exactly on the
old data in the angular direction.  If you have a digital o-scope hooked
up to the read head ahead of the filtering then you can see the little
artifacts of the last data written.  It is also plainly visible on the
interferometer.

I am NOT saying that this is an easy thing to do.  At a big disk
drive company maybe only a few people are capable of this kind of
analysis and their success rate will be limited.  But it can be done
and I have personally seen it done.

To repeat what others have said here.  If the NSA wants to read
your "scrubbed" HDs they probably can.  As for everyone else, not
much to worry about.

RGDS
GARY
- ---------------------------------------------------------------------------
Gary E. Miller Rellim 20340 Empire Blvd, Suite E-3, Bend, OR 97701
	gem@...lim.com  Tel:+1(541)382-8588 Fax: +1(541)382-8676
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQFA9ifA8KZibdeR3qURAgwFAKDrz2F2k3TDaSTRKdv7HX7IymE2mACgppU/
+egmh9lgD0Kb3xnTLtUkekA=
=D1xE
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ