[clug] PC Forensics / Fun
Alex Satrapa
grail at goldweb.com.au
Fri Mar 30 04:21:41 GMT 2007
On 29/03/2007, at 23:46 , Randall Crook wrote:
> On Thu, 2007-03-29 at 23:11 +1000, Sam Couter wrote:
>
>> If you think it's useful to do more [than writing zeros]
>> and you're not doing most of the
>> following, you're being irrationally paranoid ...
> ROFL.... you forgot one Sam....
>
> Never ever ever plug your PC into a network.
But then you'll never actually get anything done. If you think
there's a need to do more than write zeroes over the entire drive,
but the data isn't that important that you aren't already housing the
computers in locked, tempest shielded rooms with armed guards, you
are being overly paranoid. Just restating what Sam said, in case
hearing it from someone else makes it suddenly more reasonable :P
If the data isn't that important that it's not worth physical
security measures being in place to guard the data while it's in use,
then the data isn't important enough to warrant more than writing
zeroes over the platters to protect the data when it's been discarded.
Go and read an article about modern hard disk encoding systems - and
there is one out there which specifically mentions this - you only
need to write *something* over the top in order to reduce what's left
on the drive to meaningless drivel. Most importantly note that drives
using MFM (where you need to be careful about writing over specific
patterns a number of times to reduce magnetic domain leakage or some
such) are very, very old. Modern drives use much finer tracks, much
narrower magnetic domains, and white-man's-magic encoding schemes to
write and read data to the platter. As such even scanning microscopes
cannot reconstruct data that has been overwritten even once.
If your data is that important that you shouldn't even plug the PC
into a network, then the only safe way to dispose of the computer is
to burn it or store it in the same secure room as the rest of the
outdated computers that it replaced, and the new computer that
replaced it ("SAFSTOR" is one codeword used for this scheme).
Alex
More information about the linux
mailing list