1 |
On Thu, Dec 17, 2009 at 8:13 AM, Alan McKinnon <alan.mckinnon@×××××.com> wrote: |
2 |
> On Thursday 17 December 2009 02:37:54 Robert Bridge wrote: |
3 |
>> dd is pretty thorough... afterall, it writes to every single block on the |
4 |
>> disk. |
5 |
>> |
6 |
> |
7 |
> And the resulting effect from doing that once is: |
8 |
> |
9 |
> Trivially easy to recover the data that was there just before you did the dd |
10 |
|
11 |
1) It's not trivial. Yes, a forensic lab can probably get enough to |
12 |
convict, but that is NOT trivial... (And I have been talking to data |
13 |
retrieval experts about similar stuff in the last week!) |
14 |
|
15 |
2) The OP has admitted it's not that sensitive. |
16 |
|
17 |
3) dd DOES write to every sector of the disk. It does what it does |
18 |
pretty thoroughly. |
19 |
|
20 |
The major weakness of dd (and any other OS based tool) is the |
21 |
potential for drives doing sector remapping. The only absolutely |
22 |
guaranteed way to eliminate this is a furnace. |