Archived from groups: comp.sys.ibm.pc.hardware.storage (
More info?)
Shailesh Humbad wrote:
> dg wrote:
>> Do a google groups search for "german magazine data recovery". You may
>> hear stories about how data is always recoverable, but just try to find a
>> company
>> that can perform this feat, at any price. I think there are a lot of
>> tall tales floating around concerning data recovery.
>>
>> It is widely accepted that by simply overwriting your original data with
>> new data, 1 single time, is enough to keep the original data from ever
>> being
>> recovered. See here:
>>
http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&oe=UTF-8&threadm=b3m326
241o56r1%241%40ID-2964.news.dfncis.de&rnum=1&prev=/groups%3Fas_q%3Dgerman
2520magazine%2520data%2520recovery%26safe%3Dimages%26ie%3DUTF-8%26oe
3DUTF-8%26lr%3D%26hl%3Den
>>
>> --Dan
> One of my clients is a physician, and he called me to ask for my
> opinion on a debate he was having with his wife. They are giving away
> some of their old PCs, and he was saying he could just format the XP
> partition and sell it, whereas his wife was disagreeing. The drives
> may contain financial passwords and other personal information.
>
> There doesn't seem to be much easily accessible and reliable
> information on this topic. The software vendors want to sell their
> software, so they only hawk the security of their methodology. No one
> seems to have any clue as to what are the actual costs and
> probabilities involved in recovery.
>
> Anyway, as you (Dan) suggest, I am going to advise them to do a single
> pass over-write of the entire drive. I know that, at the very least,
> no software-only solution will be able to recover from this. Once the
> data is overwritten with zeros, recovering it again probably requires
> highly specialized and ridiculously expensive hardware. If
> overwritten once with random data, then it is probably totally
> impossible. What is the point of making multiple passes I have no
> idea, although most software offers this option. Just to waste time I
> guess.
There is a specific government requirement for the procedure to be used to
erase classified information, that involves multiple passes. That's why
it's there in the software, with options in case (a) that changes, or (b)
it's being used somewhere where the Powers That Be require different
procedure.
How secure you need to be depends on how valuable the data is and to whom it
is valuable--if it's really, really valuable to a First World government
then the only _sure_ bet is to melt the drive down or grind it to chips.
Don't assume that the commercial data recovery services define the state of
the art--it's not cost effective to go after a drive with electron
microprobes and scanning tunnelling microscopes to recover commercial
data--any organization large enough to have data that valuable will have it
backed up, RAIDed, off-site archived, server-mirrored, hot-sited, and
anything else you can think of--the people who need the data recovery
services are the small shops that haven't yet learned that it's cheaper to
protect than to recover and the occasional midsize outfit that has run into
a disaster beyond what they planned for. Consider the amount that such a
business can spend on the recovery, then consider the resources brought to
bear if George Bush says to the Director of the NSA "get the data and hang
the expense". But the likelihood of that sort of resource being brought to
bear on your client, unless he turns out to be a spy, major crime figure,
or international terrorist, is vanishingly small.
--
--John
Reply to jclarke at ae tee tee global dot net
(was jclarke at eye bee em dot net)