| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <200602081433.k18EXLTh026965@turing-police.cc.vt.edu> Date: Wed Feb 8 15:35:09 2006 From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks@...edu) Subject: Gutmann's research paper today On Wed, 08 Feb 2006 10:11:45 +0100, gimeshell@....de said: > But isn't recovering from lower "layers" much easier, if you can predict over write-patterns? It's a matter of signal strength. The un-overwritten residual field is on the order of 1/1000th of the main signal. After 2 passes, the signal you want to find is down close to a millionth of the over-write signal. At that point, it becomes hard to tell whether that tiny bump in the signal is a 1 that survived 2 overwrites of zero, or if it's a random fluctuation in the signal strength of the written signal. > After i read "a few passes" another question arised to me: > In his paper he wrote, that securely deleting data from disk is very > difficult, because of the fact that write head doesn't set polarity of all > "magnetic domains": Right. The residual signal is basically the signal from domains that didn't quite get their polarity reset. > So doesn't incrementing amount of rounds of random writing increase > probabilty, that write head sets polarity of _all_ magnetic domains sooner or > later and thus making secure deleting closer? Well.. OK. Sure. You can spend a week over-writing that drive with 2,000 passes, and have a *really* high confidence that you got every single domain. On the other hand, a lot of us live in the real world, and stop after 3 passes because at that point, it's highly unlikely that any *useful* data will be recoverable. If you're *so* paranoid that it really *does* matter that the attacker could spend a month working on the drive and recover 'Ano' from 3.6 gigabytes into the drive, and 'the' from 9.8 gig in, it's a lot more time and cost effective to just nail the drive with thermite or a degausser rated for the jog. And exactly that level of paranoia is why overwrites are only good up to Secret, and Top Secret and above require physical destruction (a recent NIST document, for example, recommends that for grinding, the remaining pieces be no larger that 0.25mm is size). -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 226 bytes Desc: not available Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060208/c8da6af0/attachment.bin
Powered by blists - more mailing lists