[Leaplist] The DD drive challenge

Wed Apr 9 13:29:15 EDT 2008

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 2008-04-08, at 1248, patrick wrote:
>
> Did you first write over the tapes with all inputs turned off?
>
> I think that is what happens with DD, but, don't know for certain.   
> The
> fact that the government agencies and disk recovery companies declare
> that it is impossible to recover drive data after a DD command, when
> they all have much to gain by doing a recovery, speaks volumes to  
> me...

it's not impossible, but it _is_ rather difficult. you would have to  
phsyically open the drive and read the platters using special hardware  
(more sensitive magnetic heads, with a very narrow field width,  
aligned to the edges of the normal data channels.) it *can* be done,  
especially if the data was only overwritten once.

and even though their web site says they extend the challenge to any  
government agency as well, the fact is that the people who HAVE this  
capability are not going to participate, because (1) the reward is  
small (only $400 plus you get to keep the drive itself?) and (2) the  
government in particular will leave this alone, because they don't  
want any public documentation of their actual intelligence-gathering  
capabilities.

after all, you never know when you'll have to recover data from an  
"erased" hard drive which used to belong to a "terrorist", and if it  
becomes a verified fact that a single pass with "dd" is NOT secure  
enough to prevent them from recovering the data, the bad guys will use  
something stronger.

look at it this way- you state that the government is telling the  
public that one pass with "dd" is good enough, but the fact is that  
NIST 800-88 (the federal standard for data sanitization) doesn't  
mention "dd" as an approved method of securely deleting data (although  
to be fair, it may be that they just haven't gotten around to changing  
it yet.)

http://csrc.nist.gov/publications/nistpubs/800-88/NISTSP800-88_rev1.pdf

list of NIST special publications (some interesting things here, all  
paid for by our tax dollars...)

http://csrc.nist.gov/publications/PubsSPs.html

personally speaking, i tend to place a little bit more faith in the  
procedures that the gummint(tm) uses to protect their own data, than  
what they tell the sheeple is okay to use. so when/if they change NIST  
800-88, i'll look at changing my opinion then.

- --------------------------------------------------------
| John M. Simpson  --  KG4ZOW  --  Programmer At Large |
| http://www.jms1.net/                 <jms1 at jms1.net> |
- --------------------------------------------------------
|   Hope for America  --  http://www.ronpaul2008.com/  |
- --------------------------------------------------------

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)

iEYEARECAAYFAkf8/OwACgkQEB9RczMG/Ptc7ACgxr0scws06JPp0Qjl8QHTr6Au
v1QAoOOU3KZlus/ESPwrNE16RDbA/Plv
=2q8+
-----END PGP SIGNATURE-----