On Sun, Sep 6, 2009 at 3:42 PM, Sven Joachim <svenj...@gmx.de> wrote:
> On 2009-09-06 21:12 +0200, John Hasler wrote: > > > Napoleon writes: > >> Overwriting with zeros (or ones) once is not at all secure. It can > >> easily be nearly 100% recovered by someone with the necessary > >> equipment, even more so on a modern drive. > > > > Please provide evidence that anyone has ever done this on a modern > > drive. > > Jumping into that discussion, here is evidence that this is not possible > with modern drives: > > > http://www.h-online.com/news/Secure-deletion-a-single-overwrite-will-do-it--/112432 No, that it not evidence. It is an opinion; possibly a very informed opinion. But security issues often require a skeptical perspective. In this case an expert's statement that he does not know how to retrieve info from a drive is abolutely worthless in determining whether anyone else knows how to retrieve info from a drive. > > <http://www.h-online.com/news/Secure-deletion-a-single-overwrite-will-do-it--/112432> > > So, anyone who wants to sell his hard disk can just use > "dd if=/dev/zero ..." and be done with it. > That will work up to the value of the information being secured. But once the value of the information reaches an upper limit then it becomes worthwhile for people to use more sophisticated techniques, and overwriting with a constant pattern becomes worthless. There is a recently revised NIST standard for securing information. It says very little -- propably because the US givernment has an interest in lowering other entities security. The previous versions of that standard were a lot more informative and useful. BTW, no sensible person ever said that 35 passes were necessary and/or useful. A well-informed and well-intentioned expert answered a silly question and his answer boils down to the (valid) claim that it is not possible for any drive to require more than 35 passes. The total of 35 was obtained by summing all of the possible overwrite techniques for all possible drive/recording technologies. After that many non-sensible people claimed that 35 passes was the ne-plus-ultra in disk scribbing, which claim is both invalid and stupid. Lee Winter NP Engineering Nashua, New Hampshire
