[clug] Secure Erase of disks/drives
robert at apex.net.au
Tue May 8 06:45:25 GMT 2007
From that same paper
Looking at this from the other point of view, with the ever-increasing
data density on disk platters and a corresponding reduction in feature
size and use of exotic techniques to record data on the medium, it's
unlikely that anything can be recovered from any recent drive except
perhaps one or two levels via basic error-cancelling techniques. In
particular the the drives in use at the time that this paper was
originally written have mostly fallen out of use, so the methods that
applied specifically to the older, lower-density technology don't apply
any more. Conversely, with modern high-density drives, even if you've
got 10KB of sensitive data on a drive and can't erase it with 100%
certainty, the chances of an adversary being able to find the erased
traces of that 10KB in 80GB of other erased traces are close to zero.
That was written 10 years ago. And the features sizes used on modern
disks have gone down by an order of magnitude or two since then.
I'm not convinced that there is any credible risk here.
Alex Satrapa wrote:
> On 08/05/2007, at 15:57 , Alex Satrapa wrote:
>> The cost is in the order of $100K for someone in the Western world
>> using commercially produced equipment, doing the work on a contract
> Though I'll also refer you to the paper by Peter Gutmann again:
>> Even for a relatively inexperienced user the time to start getting
>> images of the data on a drive platter is about 5 minutes. To start
>> getting useful images of a particular track requires more than a
>> passing knowledge of disk formats ... [and] would take approximately
>> 2-10 minutes depending on the skill of the operator and the resolution
>> If commercially-available SPM's are considered too expensive, it is
>> possible to build a reasonably capable SPM for about US$1400, using a
>> PC as a controller
> So assuming someone in an undervalued economy has access to the tools
> and material required to build a more-than-reasonably capable SPM, and
> it ends up costing them $5000, and scanning a 300GB drive takes
> somewhere in the order of a few days - do you now have reason to be more
> paranoid about your data destruction?
If the Hunter S Thomson quote "When the going gets weird, the weird turn
pro" is true, why aren't I rich?
More information about the linux