LISTSERV - HP3000-L Archives

HP3000-L Archives

May 2007, Week 3

HP3000-L@RAVEN.UTC.EDU

	LISTSERV Archives
	HP3000-L Home
	HP3000-L May 2007, Week 3

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: Deleting data from a HP 3000 disk drives
From:	Pete Eggers <[log in to unmask]>
Reply To:	[log in to unmask]
Date:	Wed, 16 May 2007 15:50:56 +0000
Content-Type:	text/plain
Parts/Attachments:	text/plain (78 lines)

If you can degauss a disk, it will be virtually unusable.  The cost of
having the disk restored to a working condition far exceeds its value.
 And then, if your data is valuable enough, someone with access to a
lab could still possibly recover some, if not all of the disk.

Scratching the volume, as indicated before is no better than purging
the files.  Any one with a Linux machine can store a bit-for-bit image
(not including spared, or other hidden tracks, but again you need a
lab) to a file on their disks.  Then you can simply scan the image for
interesting information starting with simply the "strings" program,
progressing to a formatting disk utility like a disk editor, to custom
written programs.

Over-writing the files with gibberish (hopefully white noise) once,
only prevents the casual hacker from reading it.  When you go beyond
reading 0s and 1s off the disk, and start reading the disk as an
analog recording of varying levels of magnetic fields, a single pass
will not hide any of the underlying data.  With the right equipment,
each bit is not a single 0 or 1, but a 16, 32, or maybe even a 64 bit
value, that with the right software will produce a fairly accurate
history of the 1s and 0s that were deposited there, going back some
number of writes.

It comes down to, "How valuable is the data contained to parties that
you (your company) do not wish to have that information?", and also to
be considered, "How much trouble would you be in, if someone were to
extract information off the disks?".  Think "due care" and "due
diligence".  People go to jail in this day and age for cutting
corners, and letting out confidential information.

What is the value of the disks on the open market (minus all data, of course)?

How much is your time worth?

What are the consquences of leaking the information contained on the disks?

Nothing is better, faster, or cheaper at protecting the sensitive data
on the disks than a sledgehammer.

Peter M. Eggers, CISSP (Certified Information Systems Security Professional)

On 5/16/07, Craig Lalley <[log in to unmask]> wrote:
> Chuck Trites <[log in to unmask]> wrote:    If you scratch them with Volutil, won't that make them basically ureadable ?
>
> Chuck
>
>
>   SCRATCHVOL only wipes the file lable table from the front of the disc.
>
>   But if you did a
>
>   VSCLOSE
> SCRACHVOL
>   shuffle the disks around in the enclosure
>   NEWVOL TEST,MASTER
>   and add all the volumes back
>
>   Then create some really be junk files filled with 1/0's or gibberish.
>
>   It would be virtually impossible to retrieve the old data, or at least not cost effective.
>
>   -Craig
>
>
>
> ---------------------------------
> Get the Yahoo! toolbar and be alerted to new email wherever you're surfing.
>
> * To join/leave the list, search archives, change list settings, *
> * etc., please visit http://raven.utc.edu/archives/hp3000-l.html *
>

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *

ATOM RSS1 RSS2

RAVEN.UTC.EDU