[nflug] Wiping hard drive sensitive personal data

Brad Bartram brad.bartram at gmail.com
Thu Jul 20 11:02:49 EDT 2006


For the most part, the core ideas remain the same.  It's really about common
sense if you want to protect data...just like it was in the olden days.  ;-)

In the days of floppies and tape, which I grundgingly admit that I do have
more than a passing memory of, it was easy enough to destroy the media.
Magnets and fire were good, and did the job pretty good as long as you were
thorough.  Of course a big magnet was usually pretty good for a casual
cleaning.

Now, with the abundance of much more resilient media, data destruction
becomes more tedious and difficult.  I do tend to find this highly ironic,
especially when considering how if you don't have it backed up, it's gone by
sneezing too close; but if you want to get rid of it, you almost need
nuclear weapons to do it.

I've seen demonstrations, read the works of, and talked to researchers
involved in recoving all sorts of fun data at levels that really makes a
person paranoid.  Especially in the arena of law enforcement and
counter-terrorism.

As I kind of said in my first post however, it comes down to risk
assessment.  You have to use a method that lines up with the level of risk
you face.  If you skimp on prevention, you run the risk of exposing
confidential data, which could result in privacy lawsuits, loss of contracts
for business partners, embarassment for the organization, or loss of
intellectual property protections.  If you go over board, you are expending
more resources than the data is worth and therefore operating at a
functional loss, which of course is bad for business.  In the real world,
something is better than nothing - just look at all the various stories that
come out each year about companies and government agencies doing stupid
things with confidential files and computers that allow people to see the
"protected" data.  The recent hulla-balloo about improperly redacted pdfs
come to mind.

brad

On 7/20/06, Mark Robson <markrobson at yahoo.com> wrote:
>
> I admire your focus on the physics, Brad.  I have no experience in current
> hardware, but back in the days of magnetic tape, it was useful to have some
> very large magnets. Probably couldn't re-use the drive, though.
>
>
>
> *Brad Bartram <brad.bartram at gmail.com>* wrote:
>
> As with everything, it comes down to a cost / benefit analysis.  What is
> the maximum amount that data is worth in comparison to the price it would
> cost to recover?  Is it worth enough to have a specific data recovery
> company, or well equipped independent take a serious interest in it?  Is it
> somthing that the government would be interested in tracking down as part of
> an anti-terrorism investigation where the budget goes beyond what we have as
> mere mortals?
>
> The ultimate question comes down to the disposition of the drive once
> you're done.  If you are trying to reuse the drive after securely removing
> the data, then appropriate measures of data destruction should be taken.
> Example, if the systems will be redeployed internally within the same
> organization and at the same level of confidentiality, then use whatever
> methods you are most comfortable.  If the systems are to be wiped and
> redeployed to a level of lesser trust, then use a stronger wipe.  If the
> system is going to be taken completely out of service, then depending on the
> data whether it be customer information or trade secrets or whatever, you
> have to decide whether to wipe the drive and hope for the best or destroy
> the drive safely.
>
> The only way to be certain that the data on a hard drive is truly wiped is
> to disassemble the drive, chisel the coating from the platters, remove the
> controller from the drive, and burn the case, platters, platter dust, and
> controllers in seperate incinerators.  But then that just gets a little
> paranoid.  Then again, never underestimate the abilities of well funded
> organizations to recover data, even when you think it's destroyed.
>
> brad
>
> On 7/20/06, Darin Perusich <Darin.Perusich at cognigencorp.com> wrote:
> >
> > i believe it depends on the type of wiping method you use. if you use
> > the Canadian RCPM and American DoD standard methods the data is pertty
> > much irrecoverable.
> >
> > eric wrote:
> > > Can Sleuth Kit recover data after using one or many of the methods
> > DBAN
> > > has to offer?
> > >
> >
> > --
> > Darin Perusich
> > Unix Systems Administrator
> > Cognigen Corporation
> > 395 Youngs Rd.
> > Williamsville, NY 14221
> > darinper at cognigencorp.com
> > _______________________________________________
> > nflug mailing list
> > nflug at nflug.org
> > http://www.nflug.org/mailman/listinfo/nflug
> >
>
> _______________________________________________
> nflug mailing list
> nflug at nflug.org
> http://www.nflug.org/mailman/listinfo/nflug
>
>
>
>
> Mark Robson
>
> ------------------------------
> Do you Yahoo!?
> Everyone is raving about the all-new Yahoo! Mail Beta.<http://us.rd.yahoo.com/evt=42297/*http://advision.webevents.yahoo.com/handraisers>
>
>
> _______________________________________________
> nflug mailing list
> nflug at nflug.org
> http://www.nflug.org/mailman/listinfo/nflug
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.nflug.org/pipermail/nflug/attachments/20070525/daec92e6/attachment.html
-------------- next part --------------
_______________________________________________
nflug mailing list
nflug at nflug.org
http://www.nflug.org/mailman/listinfo/nflug


More information about the nflug mailing list