lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 25 May 2010 18:01:17 -0400
To: Bipin Gautam <>
Cc: full-disclosure <>
Subject: Re: Stealthier Internet access

On Wed, 26 May 2010 03:01:26 +0545, Bipin Gautam said:

> @Valdis: Those were from some ooold notes, (~4yrs) :) if you have full
> hdd encryption wiping hdd header and backup header few (7?) times and
> rest hdd with 1 random pass should be enough.

My point is that even if the drive *wasn't* encrypted, a single-pass overwrite
is sufficient to render it unrecoverable.

> Wiping Magnetic storage is tricky on its own.

It's actually not that hard, as long as you actually know how many gauss
you *really* need to wipe a device (inside surface, near axis, of multi-platter
devices is a particular gotcha).

It's not worth worrying about wiping the remapped sectors on a disk - even an
older 40G drive has some 80 million sectors on it - so even if you have a few
hundred sectors that have remapped due to I/O errors, it's still literally
a one-in-a-million shot that anything incriminating is in the sector.  Plus
it's a *bad* sector, so reading and recovering the data is a bitch...

Content of type "application/pgp-signature" skipped

Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia -

Powered by blists - more mailing lists