[ale] really really deleting files....

Keith R. Watson keith.watson at gtri.gatech.edu
Tue Jun 24 16:21:18 EDT 2003


At 01:17 PM 6/24/2003 -0400, you wrote:
>Keith R. Watson wrote:
>
>>However if you mean no one, not even a three letter government agency can 
>>recover the data, then it is not possible to erase data so that it is 
>>totally safe from recovery. (I'm sure that will start a flame war) The 
>>real issue is how do you define the terms erase and recoverable:
>
>Okay, I've checked out the various docs, briefly.  I don't really have the 
>time to digest them fully at this, time, but would ask your patient.  In 
>my feeble mind, it seems to me that if you remove a file, then fill that 
>file system completely up with garbage, the removed file is not 
>retrievable.  Might you suggest the flaw in my process?

Geoffrey,

I used to deal with sensitive magnetic material and we had rather draconian 
ways of dealing with it. At the time I thought they were just anal retentive.

A few years ago an incident occurred in which we had to determine without a 
doubt if data could be rendered un-recoverable from deleted files without 
harm to "good" files on the system. Since I used to work with this kind of 
stuff I volunteered to dig into it. I figured things would be a bit 
different, as the technology had changed a great deal since I last dealt 
with this type of problem. "A bit different" was a vast understatement.

I read the Orange book and associated documents. Then started a search for 
research papers. What I found was startling. Using magnetic force 
microscopy (MFM) it is possible to recover data that has even been obscured 
using a DOD wipe. To make it worse there are sites that explain how you can 
make an MFM device in your basement with commonly available materials.

What it all boils down to is that it is never really erased until the media 
is physically destroyed with extreme prejudice (emphasis intentional). 
However, this approach generally is reserved for *extremely* sensitive 
material. For us mere mortals who just don't want our personal emails or 
our company's latest business plans to fall into the wrong hands, a simple 
DOD wipe is more than sufficient.

Most people don't have the time or interest to read all the papers that I 
quoted. So here is a great rule of thumb. If you don't want "someone" to 
recover the data regardless of the cost of recovery, I would highly 
recommend physical destruction of the media. Sandblasting the oxide off the 
disk platters and then grinding them up would do the trick. In all other 
cases wipe is your friend.

Personally I don't think anything I do is all that important. To test this 
just ask your management if they are willing to pay to have your hard drive 
recovered the next time it crashes. But to be safe I always wipe (or its 
equivalent) hard drives before I get rid of them.

keith

-------------

Keith R. Watson                        GTRI/ITD
Systems Support Specialist III         Georgia Tech Research Institute
keith.watson at gtri.gatech.edu           Atlanta, GA  30332-0816
404-894-0836

_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale





More information about the Ale mailing list