| 1 |
On Thu, 09 Aug 2012 08:53:27 -0500 |
| 2 |
Dale <rdalek1967@×××××.com> wrote: |
| 3 |
|
| 4 |
> Alex Schuster wrote: |
| 5 |
> > Dale writes: |
| 6 |
> > |
| 7 |
> >> I have seen where people use dd to do this sort of thing to. I |
| 8 |
> >> read somewhere that if you do a dd and put in all 1's, then all |
| 9 |
> >> 0's then back again that it is very hard to get any data back off |
| 10 |
> >> the drive. I think if you do it like over a dozen times, it is |
| 11 |
> >> deemed impossible to get anything back. I think that is the |
| 12 |
> >> Government standard of it's gone. |
| 13 |
> > There's no need for multiple passes of dd with different values. |
| 14 |
> > |
| 15 |
> > http://www.h-online.com/security/news/item/Secure-deletion-a-single-overwrite-will-do-it-739699.html |
| 16 |
> > |
| 17 |
> > Wonko |
| 18 |
> > |
| 19 |
> > |
| 20 |
> |
| 21 |
> |
| 22 |
> I wonder what some Government org like NSA would think about this? |
| 23 |
> Then again, they may want us to believe this so they can get stuff |
| 24 |
> back. ;-) ;-) |
| 25 |
> |
| 26 |
> That said, I always wondered how something can be there when it is |
| 27 |
> erased. On paper, I can see that because it made a physical change to |
| 28 |
> the paper but on magnetic media, it is magnetic not physical. |
| 29 |
|
| 30 |
It's quite simple once you understand how disks work. |
| 31 |
|
| 32 |
In textbooks we need to keep things simple, so we say things like "the |
| 33 |
magnetic particles are all aligned this way for a 0 and that way for a |
| 34 |
1". This gets the concept across but it also let's people believe that |
| 35 |
bits on a disk are very much binary - like a light switch or a |
| 36 |
transistor they are either on or off. |
| 37 |
|
| 38 |
In practice, nothing could be further from the truth. |
| 39 |
|
| 40 |
With disk magnetic media, you aren't dealing with a single isolated |
| 41 |
thing (such as a chunk of disk that can only be one way), you are |
| 42 |
dealing with a very very large number of magnetic particles that go to |
| 43 |
make up one bit. It's how they average out that makes the drive think |
| 44 |
it's a 0 or a 1. It all works much like tape cassettes - the head has a |
| 45 |
little coil of wire in it and current flows through the coil. It passes |
| 46 |
near a magnetic field on the tape, and the current in the coil changes. |
| 47 |
Read the amount of change using fancy electronics, and voila! you have |
| 48 |
audio. In the case of disks, it's voila! you have a stream of bits. |
| 49 |
|
| 50 |
Disk drives can't afford to be almost right like audio tape though, |
| 51 |
they have to be exactly right so the drive has some amazing maths built |
| 52 |
into it for error-correction and redundancy. I believe something like |
| 53 |
40% of the space containing raw data is pure error checking (so your 3T |
| 54 |
drive is actually 4.1T, but you will only ever get to use 3T) |
| 55 |
|
| 56 |
The trick is, when you overwrite an area of the disk, you don't erase |
| 57 |
everything, there are some traces left behind. |
| 58 |
|
| 59 |
Pencil and paper is a good analogy. Write something in pencil. Erase |
| 60 |
wit with a rubber eraser, and write something else in the same space. |
| 61 |
Now hold the paper up to the light and if you know how to look you can |
| 62 |
see the indents in the paper from the first thing you wrote. Train your |
| 63 |
eyes to ignore what's written there now and only look at dented paper |
| 64 |
with no lead marks, and you can read things quite clearly. James Bond |
| 65 |
was especially good at this but that's a movie so real life isn't |
| 66 |
*that* quick. |
| 67 |
|
| 68 |
Sekrit magic disk software does a very similar thing - it ignores the |
| 69 |
current data and looks for traces left behind from the last write, and |
| 70 |
the ones before that. |
| 71 |
|
| 72 |
This trick isn't universal of course. As drive technology advances and |
| 73 |
IBM figures out new ways to do it, they come up with ideas like using |
| 74 |
the _depth_ of the magnetic material too. Neat trick - you can double |
| 75 |
the data stored in the same surface area. With each technology advance, |
| 76 |
things change a lot, so the amount of reading backwards you can do is |
| 77 |
always changing and depends very much on exactly what drive you have. |
| 78 |
|
| 79 |
|
| 80 |
-- |
| 81 |
Alan McKinnon |
| 82 |
alan.mckinnon@×××××.com |
Archives