Security Basics mailing list archives
Re: Advice regarding servers and Wiping Drives after testing
From: gjgowey () tmo blackberry net
Date: Wed, 12 Sep 2007 17:52:18 +0000
What you're forgetting is that these pieces of software aren't you normal "access the hdd through regular os calls". These pieces of software are sending low level commands to the drive its self an interpreting what's sent back instead of relying on a middle layer. They can literally have the head scan a particular sector as many times as is needed until it gets a signal back that resembles something useable. Writing all 0's will never prevent against software recovery because the all 0's approach is like recording over a used VCR tape once. Geoff Sent from my BlackBerry wireless handheld. -----Original Message----- From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net> Date: Wed, 12 Sep 2007 12:48:42 To:security-basics () securityfocus com Subject: Re: Advice regarding servers and Wiping Drives after testing On 2007-09-11 William Holmberg wrote:
On Tuesday, September 04, 2007 1:03 PM Ansgar -59cobalt- Wiechers wrote:On 2007-09-01 gjgowey () tmo blackberry net wrote:A since pass with all zero's really won't protect your data from being recovered by more advanced data recovery software let alone alone hardware.I'd like to see a single case where someone was able to recover data from an overwritten harddisk, even after a single pass with zeroes.No doubt you are an intelligent and well educated person in these fields, and probably have many areas of expertise more proficient than mine. I do have to state however, and nearly any Infragard member can tell you, the FBI uses tools that accomplish this on a regular basis. I have no doubt other agencies do as well. We have had demonstrations of it remotely in a class I help instruct, SAFE computing for Law Enforcement and Non-Profits (SAFE is Security And Forensic Education) at Metro State University of Minnesota, MCTC campus.
Demonstrations of recovering data from fully overwritten media, without opening the case? Sorry, but I seriously doubt that. Feel free to prove me wrong, but without evidence I find that really hard to believe. Keep in mind we're not talking about wiping single files, but overwriting the entire media. Regards Ansgar Wiechers -- "All vulnerabilities deserve a public fear period prior to patches becoming available." --Jason Coombs on Bugtraq
Current thread:
- Re: Advice regarding servers and Wiping Drives after testing Anshuman G (Sep 04)
- <Possible follow-ups>
- RE: Advice regarding servers and Wiping Drives after testing Joel A. Folkerts (Sep 04)
- Re: Advice regarding servers and Wiping Drives after testing Steve Olive (Sep 06)
- Re: Advice regarding servers and Wiping Drives after testing gjgowey (Sep 04)
- Re: Advice regarding servers and Wiping Drives after testing Ansgar -59cobalt- Wiechers (Sep 11)
- RE: Advice regarding servers and Wiping Drives after testing Craig Wright (Sep 11)
- RE: Advice regarding servers and Wiping Drives after testing Murda Mcloud (Sep 11)
- RE: Advice regarding servers and Wiping Drives after testing William Holmberg (Sep 11)
- Re: Advice regarding servers and Wiping Drives after testing Ansgar -59cobalt- Wiechers (Sep 12)
- Re: Advice regarding servers and Wiping Drives after testing gjgowey (Sep 12)
- RE: Advice regarding servers and Wiping Drives after testing Craig Wright (Sep 12)
- RE: Advice regarding servers and Wiping Drives after testing William Holmberg (Sep 12)
- RE: Advice regarding servers and Wiping Drives after testing Craig Wright (Sep 13)
- RE: Advice regarding servers and Wiping Drives after testing William Holmberg (Sep 13)
- RE: Advice regarding servers and Wiping Drives after testing Craig Wright (Sep 13)
- RE: Advice regarding servers and Wiping Drives after testing William Holmberg (Sep 13)
- RE: Advice regarding servers and Wiping Drives after testing Craig Wright (Sep 14)
- RE: Advice regarding servers and Wiping Drives after testing Craig Wright (Sep 14)
- Message not available
- Re: Advice regarding servers and Wiping Drives after testing Daniel Anderson (Sep 18)
- Re: Advice regarding servers and Wiping Drives after testing Ansgar -59cobalt- Wiechers (Sep 11)
- RE: Advice regarding servers and Wiping Drives after testing dave kleiman (Sep 12)