|
Posted by nemo_outis on June 17, 2005, 5:51 pm
If you were Registered and logged in, you could reply and use other advanced thread options
>
>>
>>> Content-Type: text/plain; charset="iso-8859-1"
>>> Content-Transfer-Encoding: quoted-printable
>>>
>>> I've scrubed one of my hard drives using an application that does
>>> multiple wipes followed by a final writing of all zeros to every
>>> sector of the hard drive.
>>>
>>> How can I verify that the hard drive has truely been scrubed before
>>> I send it offiste?
>>>
>>> Thank you
>>
>> Use any of the file-recovery tools, especially the forensic ones,
>> such as Encase, etc.
>>
>> This will confirm *software* unrecoverability - if someone is willing
>> to spend serious bucks, hardware recovery may still be possible.
>>
>> Regards,
>>
>
> Not true.
> After a 3 times overwrite virtually nothing is recoverable by any
> professional
> After a 30 times over write nothing is recoverable.
>
> If someone has the capability to recover anything of use after 7 times
> over write I want to speak to them. I will refer DR jobs to them!
>
> Re the OP and his ?. Winhex or similar and examine some random
> sectors for text or data.
The limits of the possible in data recovery are NOT set by the commercial
recovery houses.
The US DoD recommends *destruction* of any HD that is to pass outside the
agency, EVEN for those used just for general office work, let alone those
those that once contained classified data (see, for instance, DoD
Directive 8500.1, October 2002. The ancient DoD 5220.22-M with its
overwrite specs was rescinded as obsolete long ago!).
Even degaussing is viewed askance (since only the top-end units can
handle modern high-coercivity drives, and, even then, reliability - 80+
dB suppression - is spotty). Software methods, such as overwriting, just
don't cut it against a serious adversary (even ignoring, for the moment,
that things such as HD buffers - some bigger than 8 megs - may result in
7 overwrites really only resulting in one!).
Yes, a disk that has been overwritten many times times will not be
recoverable by an ordinary recovery shop, but they do not use methods
such as second-harmonic magnetoresistive microscopy and newer variants
(since they would never be economically viable See, for instance,
http://www.boulder.nist.gov). Ordinary users need not worry about such
recovery methods, but they are well within the capabilities of TLAs and
some other labs (which is why I used "may" in my post).
If a HD contains, or has ever contained, sensitive data it should be
destroyed, not erased, when one is finished with it. Since new drives
cost less than $1/gig these days, anything else is madness.
Regards,
| 
Yahoo! 
Google 
Windows Live 
del.icio.us 
digg 
Netscape 
XML site map