I think I wouldn't spend time wiping a drive. I think I would just destroy it. More fun and takes less time. <br><br>From page 40 of the NIST guide:<br><br>The hard drive should then be subjected, in a suitable facility with<br>
individuals wearing appropriate safety equipment, to physical force… (e.g.,<br>pounding with a hammer…) that will disfigure, bend, mangle, or otherwise<br>mutilate the hard drive so that it cannot be reinserted into a functioning<br>
computer. Sufficient force should be used directly on top of the hard drive<br>unit to cause shock/damage to the disk surfaces. In addition, any connectors<br>that interface into the computer must be mangled, bent, or otherwise damaged to<br>
the point that the hard drive could not be reconnected without significant rework.<br><br>DOD Memorandum, 8 July, 2001. Subject: Destruction of DoD Computer Hard Drives Prior to<br>Disposal.<br><br><br>I'm thinking of the scene from "Office Space" where a certain printer was removed to a remote field location and "retrained" to be scrap metal :-)<br>
<br>I also know of people that swear a 12 gauge slug will render a hard drive utterly non-recoverable. Ditto on using a log splitter with a cross point wedge.<br><br>Lastly, removing the platter from the drive case is pretty easy. Then burnishing it with a torch will add nice colorations while totally demagnetizing platter surface. Now those colored platters can strung from fishing line and used as wind chimes. From scrap crap to art!<br>
<br><div class="gmail_quote">On Fri, Apr 16, 2010 at 2:12 PM, scott <span dir="ltr"><<a href="mailto:scott@sboss.net">scott@sboss.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
-----BEGIN PGP SIGNED MESSAGE-----<br>
Hash: SHA512<br>
<br>
the wipe she used was the DBAN wipe tool using a single wipe.<br>
<br>
And I know others on a single pass wipe, have recovered their disks (not them personally but the guys in the white suits). Now once it went over 7 passes (7 or more) then the chance of any data recovery went down to a number really really small that is very close to 0. I would call it zero but then someone will get a file and I would be a liar.<br>
<br>
Personally (at my home) I do a 7 pass on all disks unless it has PCI/HIPPA type data then I do 35 pass. I know the PCI/HIPPA rules due to work.<br>
<div><div></div><div class="h5"><br>
<br>
On Apr 16, 2010, at 2:00 PM, Greg Freemyer wrote:<br>
<br>
> fyi: I whole heartedly agree, the mac wipe failure sounds like a<br>
> process failure, not a technology failure.<br>
><br>
> As to: $1/MB ???????? for recovery<br>
><br>
> You must not be telling the whole story. Or maybe you meant $1/GB.<br>
><br>
> That most expensive I'm aware of is a raid array failure. That can be<br>
> $5K/drive or so, but that is still way below $1/MB.<br>
><br>
> Or maybe you just needed a few relatively small files recovered. It<br>
> is still a lot of work to search the whole drive for a few fragments<br>
> and try to rebuild things.<br>
><br>
> I could see us charging $1K or even $2K to recover a specific deleted<br>
> file that was a real challenge to rebuild. And if it was only 50 MB<br>
> or so, you might say that worked out to $20/MB, but that's not really<br>
> a fair to describe the price.<br>
><br>
> Greg<br>
><br>
> On Fri, Apr 16, 2010 at 12:44 PM, Jim Kinney <<a href="mailto:jim.kinney@gmail.com">jim.kinney@gmail.com</a>> wrote:<br>
>> sounds like the wipe tool on that Mac was crap and just did a delete. Drive<br>
>> recovery is $$$$$$$$$!!!!<br>
>> The last one I ran for a client was $1/MB.<br>
>><br>
>> On Fri, Apr 16, 2010 at 12:24 PM, scott boss <<a href="mailto:scott@sboss.net">scott@sboss.net</a>> wrote:<br>
>>><br>
>>> A friend of mines wife wiped her mac laptop HD. Not the govt 35pass<br>
>>> but a single pass wipe. He sent it off to one of those disk recovery<br>
>>> companies and he got 99% of the disk back and the HD was much larger<br>
>>> than 20g. She had over 20g of photos alone.<br>
>>><br>
>>> Ymwv!!<br>
>>><br>
>>> Sent from my mobile...<br>
>>><br>
>>> On Apr 16, 2010, at 12:04, Brian Pitts <<a href="mailto:brian@polibyte.com">brian@polibyte.com</a>> wrote:<br>
>>><br>
>>>> On 04/16/2010 11:31 AM, Greg Freemyer wrote:<br>
>>>>><br>
>>>>> NIST has a sanitation paper that says disk drives of 20GB or larger<br>
>>>>> capacity are not recoverable even via laboratory means after a single<br>
>>>>> wipe with zero's.<br>
>>>>><br>
>>>>> So your just wasting cpu cycles using /dev/urandom. Just use<br>
>>>>> /dev/zero. And just do it once.<br>
>>>><br>
>>>> The link you shared to a discussion of that paper a while back is<br>
>>>> dead.<br>
>>>> Do you know of any more sources? I'd really like to have something to<br>
>>>> wave at the "you must wipe it 27 times" people.<br>
>>>><br>
>>>>> Also, ext2/3 reserves x% of the drive for root, so if your doing the<br>
>>>>> above as a normal user, your missing that x%. I think x% is 5%,<br>
>>>>> but I<br>
>>>>> don't recall for sure. And 5% of 1TB is 50GB, so it is a big deal.<br>
>>>><br>
>>>> At Free IT Athens, we run sfill and sswap from the secure-delete suite<br>
>>>> of tools as a post-install action to securely erase all unused space<br>
>>>> on<br>
>>>> a system being refurbished. sfill sipes the disk space and inode<br>
>>>> space,<br>
>>>> and sswap takes care of the swap partition.<br>
>>>><br>
>>>> --<br>
>>>> All the best,<br>
>>>> Brian Pitts<br>
>>>> _______________________________________________<br>
>>>> Ale mailing list<br>
>>>> <a href="mailto:Ale@ale.org">Ale@ale.org</a><br>
>>>> <a href="http://mail.ale.org/mailman/listinfo/ale" target="_blank">http://mail.ale.org/mailman/listinfo/ale</a><br>
>>>> See JOBS, ANNOUNCE and SCHOOLS lists at<br>
>>>> <a href="http://mail.ale.org/mailman/listinfo" target="_blank">http://mail.ale.org/mailman/listinfo</a><br>
>>> _______________________________________________<br>
>>> Ale mailing list<br>
>>> <a href="mailto:Ale@ale.org">Ale@ale.org</a><br>
>>> <a href="http://mail.ale.org/mailman/listinfo/ale" target="_blank">http://mail.ale.org/mailman/listinfo/ale</a><br>
>>> See JOBS, ANNOUNCE and SCHOOLS lists at<br>
>>> <a href="http://mail.ale.org/mailman/listinfo" target="_blank">http://mail.ale.org/mailman/listinfo</a><br>
>><br>
>><br>
>><br>
>> --<br>
>> --<br>
>> James P. Kinney III<br>
>> Actively in pursuit of Life, Liberty and Happiness<br>
>><br>
>><br>
>> _______________________________________________<br>
>> Ale mailing list<br>
>> <a href="mailto:Ale@ale.org">Ale@ale.org</a><br>
>> <a href="http://mail.ale.org/mailman/listinfo/ale" target="_blank">http://mail.ale.org/mailman/listinfo/ale</a><br>
>> See JOBS, ANNOUNCE and SCHOOLS lists at<br>
>> <a href="http://mail.ale.org/mailman/listinfo" target="_blank">http://mail.ale.org/mailman/listinfo</a><br>
>><br>
>><br>
><br>
><br>
><br>
> --<br>
> Greg Freemyer<br>
> Head of EDD Tape Extraction and Processing team<br>
> Litigation Triage Solutions Specialist<br>
> <a href="http://www.linkedin.com/in/gregfreemyer" target="_blank">http://www.linkedin.com/in/gregfreemyer</a><br>
> CNN/TruTV Aired Forensic Imaging Demo -<br>
> <a href="http://insession.blogs.cnn.com/2010/03/23/how-computer-evidence-gets-retrieved/" target="_blank">http://insession.blogs.cnn.com/2010/03/23/how-computer-evidence-gets-retrieved/</a><br>
><br>
> The Norcross Group<br>
> The Intersection of Evidence & Technology<br>
> <a href="http://www.norcrossgroup.com" target="_blank">http://www.norcrossgroup.com</a><br>
><br>
> _______________________________________________<br>
> Ale mailing list<br>
> <a href="mailto:Ale@ale.org">Ale@ale.org</a><br>
> <a href="http://mail.ale.org/mailman/listinfo/ale" target="_blank">http://mail.ale.org/mailman/listinfo/ale</a><br>
> See JOBS, ANNOUNCE and SCHOOLS lists at<br>
> <a href="http://mail.ale.org/mailman/listinfo" target="_blank">http://mail.ale.org/mailman/listinfo</a><br>
<br>
</div></div>-----BEGIN PGP SIGNATURE-----<br>
Version: GnuPG/MacGPG2 v2.0.12 (Darwin)<br>
<br>
iQIcBAEBCgAGBQJLyKh7AAoJEF51inK7SsNsnhIP/1a7jCIDJBhxqkOcKjzVASML<br>
RkKTn0OCMr/P6XJgeRWUJ75oBc6be5AbgAJ3BT7nsa6nevYe1tbM6mKc/wDkgUEC<br>
dGAf1Q+yfZASaJs4r9PoKPzpTolqxPN89DEn2pBFYfvNuYmtcGDp5X62epx4GycX<br>
OUnlykxvferJaKy9VvMeFsE8lx66qDk1uU8Y2GltaTTWrU1OmwDxALgXu6H/rc+J<br>
NVGWm9fj9GCxZeu4/y/r+a/7fGbOjWcXOk3yLNi6gZKtjt6oSexEITHQwftaYFrw<br>
W4Uwu68VoomPwVnvqQV+u9PM/47rbam+6rDjtHc/TmTnyYzHHPiaaj/VBpjNNg/9<br>
8LnVHFm3bDM+M1LilpOA4LvyOFX8XBmqs/aTmvZv1aZVc8IvX/80aL7wX8M0/Vmh<br>
udXp5zNa1xwerJmOg7ogl47IN4RwaVLc3UWkcoMID2AhdvCgg35FLRnVXcuI3WHV<br>
vyoBXoHOqbx9M/7HrF5RtYkB6bYYK1Lsuep8ujuS3wCxMoe5JjZB7fpiTiFcSD8m<br>
8O31fxKbCfwzc3ZATQF+N0tBu5nw6BvlHUkybdaU3wpn8ikTlTNd4mG/bPdEHztN<br>
dYxhyJck5AbeQnAG2iYX6mqGWD5g7JdQJqRNIYbZN40GMJ1CGPQerW5dSb/WMiIa<br>
MkU485uRdqSiHXJb1lDY<br>
=/RZh<br>
-----END PGP SIGNATURE-----<br>
<div><div></div><div class="h5"><br>
_______________________________________________<br>
Ale mailing list<br>
<a href="mailto:Ale@ale.org">Ale@ale.org</a><br>
<a href="http://mail.ale.org/mailman/listinfo/ale" target="_blank">http://mail.ale.org/mailman/listinfo/ale</a><br>
See JOBS, ANNOUNCE and SCHOOLS lists at<br>
<a href="http://mail.ale.org/mailman/listinfo" target="_blank">http://mail.ale.org/mailman/listinfo</a><br>
</div></div></blockquote></div><br><br clear="all"><br>-- <br>-- <br>James P. Kinney III<br>Actively in pursuit of Life, Liberty and Happiness <br><br>