Recovery of supposedly erased data from magnetic media is easier than what many people wouldlike to believe. A technique called Magnetic Force Microscopy (MFM) allows any moderately funded opponent to recover the last two or three layers of data written to disk; wipe repeatedly overwrites special patterns to the files to be destroyed, using the fsync() call and/or the O_SYNC bit to force disk access. In normal mode, 34 patterns are used (of which 8 are random). These patterns were recommended in an article from Peter Gutmann (pgut001@cs.auckland.ac.nz) entitled "Secure Deletion of Data from Magnetic and Solid-State Memory". A quick mode allows you to use only 4 passes with random patterns, which is of course much less secure.
Encrypting a whole partition with cryptoloop, for example, does not help very much either, since there is a single key for all the partitions.
Therefore wipe is best used to sanitize a harddisk before giving it to untrusted parties (i.e. sending your laptop for repair, or selling your disk).
Continue Reading...
Encrypting a whole partition with cryptoloop, for example, does not help very much either, since there is a single key for all the partitions.
Therefore wipe is best used to sanitize a harddisk before giving it to untrusted parties (i.e. sending your laptop for repair, or selling your disk).
0 comments:
Post a Comment