Twitter
Jan
20
Onto another interesting piece of news I stumbled upon earlier today - prick your ears - a recent study by Craig Wright; a forensic expert; show that......after a single overwrite of the data on a drive, whether it be an old 1-gigabyte disk or a current model (at the time of the study), the likelihood of still being able to reconstruct anything is practically zero. Well, OK, not quite: a single bit whose precise location is known can in fact be correctly reconstructed with 56 per cent probability (in one of the quoted examples). To recover a byte, however, correct head positioning would have to be precisely repeated eight times, and the probability of that is only 0.97 per cent. Recovering anything beyond a single byte is even less likely.
They presented their paper at ICISS 2008 and it has been published by Springer AG in its Lecture Notes in Computer Science series (Craig Wright, Dave Kleiman, Shyaam Sundhar R. S.: Overwriting Hard Drive Data: The Great Wiping Controversy).
The original article correctly talks about the implications from a security point of view. Its important to bear in mind that remnants of an edited document are still present in several places such as temporary files, swap-files and who knows where else.
Really, to ensure that nothing more can be recovered from a hard disk, it has to be overwritten completely, sector by sector.
Free software out there that employ all sorts of wiping techniques from simple algo's to military grade algo's like Darik's Boot and Nuke ISO (DBAN) might no longer be neccessary as a simple tool like dd in Linux will do the job perfectly.
Echoing this post
0 Trackbacks