Thread: Slightly OT : Disk wiping?
View Single Post
  #10  
Old April 20th 05, 12:40 AM
Dorothy Bradbury
external usenet poster
  
Posts: n/a
Default
Actually, there are few ways of truly wiping data:
o When a HD head records data it does so by following a servo track
---- following the track results in data being recorded to the side
o Data is recorded as a probability distribution around the servo track
---- it is admittedly a very tight distribution, but it is one none the less
o An edge of layers of dated data remain distant from the servo track
---- over-wiping in theory reduces that incrementally

The problem is in theory isn't necessarily in practice:
o Mil spec wiping requires as I recall 4 overwrites
---- so diminishing such edge data to an unrecoverable level
o Overwriting also requires attention to the pattern used
---- otherwise it is possible to predict what was there
---- reverse-ECC, signal level & other tricks counters that

Remember a HD is an analog device - not digital - in recording.
Yes the signal is 1s & 0s, but analog techniques can interpret what
data was there before based on its particular value re 0.83 v 0.85 etc.

The reality comes down to security level required:
o NSA can pull your platters & use lots of tricks to get data back
o For basic financial, email etc data a decent program will suffice :-)

The most critical military/gov't uses a different method:
o Either a belt sander to remove the physical magnetic media
---- platters once aluminium are now glass in most instances
o Alternatively they just melt them down
---- probably more economic in terms of labour

Wiping data is an important consideration:
o MS-IE / XP regularly store auto-complete info for passwords
---- auto-complete on email address, get from ISP/Outlook settings
o Take someone's HD and you can access all financial info
---- transferring funds, pensions, bank contents
---- expenditure on credit cards, debit cards

At present identity theft is easier via your dustbin in the street,
but a stolen laptop owned by a financial adviser is a potential risk.
USA tends to have more problem with advisers bunking with money,
which overshadows that done more legally by CEOs & Wall Street :-)

For critical applications it is worth keeping a spare original HD, a
fully as-delivered-drive-O/S ready to go. That way if a laptop or PC
has to be sent for repair that can be enclosed with it, and also very
useful if your machine keels over (particularly if a laptop). It is then
just a matter of re-installing kep apps, your ISP settings & your data.
--
Dorothy Bradbury