| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2d6724811001260833p6f17613bmdb4a071250ecfd21@mail.gmail.com> Date: Tue, 26 Jan 2010 11:33:09 -0500 From: T Biehn <tbiehn@...il.com> To: Christian Sciberras <uuf6429@...il.com> Cc: full-disclosure <full-disclosure@...ts.grok.org.uk> Subject: Re: Disk wiping -- An alternate approach? Are you suggesting that consumer magnet-based storage solutions use the same technology that the recovery machines use to store more than one bit in what you consider a 'single bit location' ? I think it would be cost and space prohibitive, not dependent on any algorithm. If I'm thinking correctly, and I have no real idea how the recovery process works, the recovery machines measure minute variance in the analog magnetic signal directly pulled from the platters to figure out what bits 'used' to be on the disk in that location. I sincerely doubt that anything consumer accessible would be able to work with that. I also doubt that it is exact, and protocols probably use probabilistic methods for extraction of a given content; text for example. Given a block of bits, the signal variance from 'clean' on those bits (eg if never written) is x. x is matched with a dictionary of known text. Anyone know to confirm? -Travis On Tue, Jan 26, 2010 at 11:15 AM, Christian Sciberras <uuf6429@...il.com> wrote: > It would be a part of the algorithm, to make sure the overwritten file is > readable. But if those machines get any smaller, I guess these would be the > next generation of storage media take bluerays vs dvds for example. > > > > > On Tue, Jan 26, 2010 at 5:11 PM, T Biehn <tbiehn@...il.com> wrote: >> >> Overwritten files require analysis with a 'big expensive machine.' >> I doubt they ever recover the full file. >> >> -Travis >> >> On Tue, Jan 26, 2010 at 11:04 AM, Christian Sciberras <uuf6429@...il.com> >> wrote: >> > I was thinking, since all this (reasonable) fuss on wiping a disk over >> > 10 >> > times to ensure non-readability, how come we're yet very limited on >> > space >> > usage? >> > If, for example, I overwrote a bitmap file with a text one, what stops >> > the >> > computer from recovering/storing both (without using additional space)? >> > Just a couple curiosities of mine. >> > >> > >> > >> > >> > >> > On Tue, Jan 26, 2010 at 4:08 PM, Michael Holstein >> > <michael.holstein@...ohio.edu> wrote: >> >> >> >> > By the way, does somebody knows about the flash memory? >> >> > Is zeroing a whole usb key enough to make the data unrecoverable? >> >> > >> >> >> >> No, wear-leveling (done at the memory controller level) will >> >> dynamically >> >> re-map addresses on the actual flash chip to ensure a relatively >> >> consistent number of write cycles across the entire drive. >> >> >> >> The only way to completely "wipe" a flash disk is with a hammer. >> >> >> >> Regards, >> >> >> >> Michael Holstein >> >> Cleveland State University >> >> >> >> _______________________________________________ >> >> Full-Disclosure - We believe in it. >> >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> >> Hosted and sponsored by Secunia - http://secunia.com/ >> > >> > >> > _______________________________________________ >> > Full-Disclosure - We believe in it. >> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> > Hosted and sponsored by Secunia - http://secunia.com/ >> > >> >> >> >> -- >> FD1D E574 6CAB 2FAF 2921 F22E B8B7 9D0D 99FF A73C >> http://pgp.mit.edu:11371/pks/lookup?search=tbiehn&op=index&fingerprint=on >> http://pastebin.com/f6fd606da > > -- FD1D E574 6CAB 2FAF 2921 F22E B8B7 9D0D 99FF A73C http://pgp.mit.edu:11371/pks/lookup?search=tbiehn&op=index&fingerprint=on http://pastebin.com/f6fd606da _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists