On Thu, Jan 03, 2008 at 04:08:08PM -0800, Marco S Hyman wrote:
 
> As for disk destruction... I don't know nor pretend to know what can
> and can not be recovered.  Take a look at 
> 
> https://www.dss.mil/portal/ShowBinary/BEA%20Repository/new_dss_internet/isp/odaa/documents/clear_n_san_matrix_06282007_rev_11122007.pdf
> 
> The DSS (Defense Security Service, part of the DoD) calls what you have
> done "clearing" the disk.   It does not "sanitize" the disk.  To sanitize
> you need to either degauss or destroy the disk.
> 

The NIST article that (I think) started this thread says that it (the
document) applies to commercial-grade privacy but not to
government-grade classified material.  In other words, there's an
implied difference between the ability of a commercial data recovery
company and a major government.  

So, you have to look at who your adversary is and the value of the data.
If the value is less than the drive, then clear the disk and sell it.
If you are keeping the disk in-house but just re-allocating it, then
clear the disk and re-use it.  However, if the agency you wish to not be
able to read the disk has the backing of a major government:

1:      destroy the disk
2:      destroy the computer (the document actually says this re RAM
                chips)
3:      re-evaluate the whole concept of using a computer at all,
        especially if the hardware is at risk of being "stolen" (seized,
        confiscated, etc).

If the data on the drive has always been in encrypted form, then you
have to evaluate the strength of the encryption vs. the strength of the
adversary.  

JM2c

Doug.
