[clug] Secure Erase of disks/drives

Robert robert at apex.net.au
Tue May 8 06:45:25 GMT 2007 

 From that same paper

Looking at this from the other point of view, with the ever-increasing 
data density on disk platters and a corresponding reduction in feature 
size and use of exotic techniques to record data on the medium, it's 
unlikely that anything can be recovered from any recent drive except 
perhaps one or two levels via basic error-cancelling techniques. In 
particular the the drives in use at the time that this paper was 
originally written have mostly fallen out of use, so the methods that 
applied specifically to the older, lower-density technology don't apply 
any more. Conversely, with modern high-density drives, even if you've 
got 10KB of sensitive data on a drive and can't erase it with 100% 
certainty, the chances of an adversary being able to find the erased 
traces of that 10KB in 80GB of other erased traces are close to zero.


That was written 10 years ago. And the features sizes used on modern 
disks have gone down by an order of magnitude or two since then.
I'm not convinced that there is any credible risk here.


Alex Satrapa wrote:
> On 08/05/2007, at 15:57 , Alex Satrapa wrote:
> 
>> The cost is in the order of $100K for someone in the Western world 
>> using commercially produced equipment, doing the work on a contract 
>> basis.
> 
> Though I'll also refer you to the paper by Peter Gutmann again:
> 
>> Even for a relatively inexperienced user the time to start getting 
>> images of the data on a drive platter is about 5 minutes. To start 
>> getting useful images of a particular track requires more than a 
>> passing knowledge of disk formats ... [and] would take approximately 
>> 2-10 minutes depending on the skill of the operator and the resolution 
>> required.
> 
> and
> 
>> If commercially-available SPM's are considered too expensive, it is 
>> possible to build a reasonably capable SPM for about US$1400, using a 
>> PC as a controller
> 
> So assuming someone in an undervalued economy has access to the tools 
> and material required to build a more-than-reasonably capable SPM, and 
> it ends up costing them $5000, and scanning a 300GB drive takes 
> somewhere in the order of a few days - do you now have reason to be more 
> paranoid about your data destruction?
> 
> Alex
> 

-- 
Robert
If the Hunter S Thomson quote "When the going gets weird, the weird turn 
pro" is true, why aren't I rich?

More information about the linux mailing list