[clug] Hard disk destruction

Robert Edwards bob at cs.anu.edu.au
Wed Jul 1 02:48:53 GMT 2009 

Brendan Jurd wrote:
> 2009/7/1 Robert Edwards <bob at cs.anu.edu.au>:
>> I think that you need to be careful with "genuinely not possible".
>> The only way you can assert that something is "not possible" is if you
>> are omniscient (ie. you know everything).
> 
> I think that for the purposes of fruitful discussion we can just go
> ahead and figure that when somebody uses the phrase "not possible"
> they mean it in a practical sense, not a philosophical or
> epistemological sense -- unless the context specifically calls for
> that kind of thinking.
> 
>> The person you are protecting the data from may well be someone in the
>> future who has access to all sorts of cool tech that we just don't know
>> about yet. They may look at our Scanning Electron Microscopes and our
>> 2048-bit public keys and just laugh at how primitive we are.
>>
>> Melting the platters in a forge may be the best way to ensure data
>> destruction - but we don't know that either (yet).
> 
> Which brings us back to practical vs. epistemological impossibility.
> If Mister Devious Future Man can look at a pile of aluminium slag and
> determine that it was once a stack of platters from an ancient
> magnetic binary storage device, and then figure out a way to turn that
> into recoverable data, then good luck to him.  I can (and indeed,
> must) learn to live with that risk, because there is no defence
> against it.
> 
> Cheers,
> BJ

Indeed, this is somewhat of an epistemological observation, but I
think it still needs to be made (for some folk). (note: the original
phrase you used was "genuinely not possible", not just "not possible",
whatever that qualification adds to the discussion).

The point I am trying to make is that (and at the risk of being self-
contradictory), when it comes to discussing security, there are no
absolutes. (you also used the word "impossible" in an earlier post).
Security is always an exercise in risk assessment, management and
mitigation. We need to keep being very aware of that and our language
should reflect that.

Just because no one on this list or other sources we have access to
is going to own up to knowing how to recover data from a lump of slag
doesn't automatically make it "genuinely not possible". But, for all
practical purposes, I agree that from both a thermodynamic and an
information theory viewpoint, smelting the disks will sufficiently
increase the entropy of the data as to make it so hard to recover that
I cannot conceive of any way of doing it, regardless of the resources
put at my disposal. I would say that it was "not practically possible".
(on the other hand, if you want to put unlimited resources at my
disposal, I'll have a crack at it...)

Cheers,

Bob Edwards.

More information about the linux mailing list