> Near as I can tell if someone says they are doing NSA overwrites, they are > full of shit. In addition, based upon Mr. Gutmann's paper and the fact > that it is quite old, one can assume that with advanced forensics the > simple 3, 7, or 9 time overwrites that these products are claiming as > secure actually are not even close to the level of security they claim. In > fact, by following this "glossy brochure" de facto standard, data is not > secured from recovery by an advanced recovery effort at all. And worse yet, your data may well live in other places aside from the official blocks on the disk. If you're using a journaling file system, your data was probably written to the journal before going to the final blocks. If the data was read by a process that swapped, your swap partition may contain a copy of the data. If the filesystem layer decided to move your data around on the physical disk for some reason then the original location will not be overwritten by our standand 'write junk x times' method. To my knowledge there is no 100% guarenteed method to delete your bits irrevocably from the hardware without writing over the entire disk[1], not just the parts officially allocated to the file at any given time. [1] multiple times with different data each time, as meantioned before. -- Brian Hatch "Cannot say. Saying I Systems and would know. Do not know, Security Engineer so can not say." www.hackinglinuxexposed.com Every message PGP signed
Attachment:
pgp00288.pgp
Description: PGP signature
