Home page logo

basics logo Security Basics mailing list archives

RE: Interesting One
From: "Michael Vaughan" <list () predator-hunter com>
Date: Wed, 30 Oct 2002 14:37:17 -0500


Here is how to erase a hard drive securely.

1) Boot to a floppy and wipe it securely using a program that randomly
encrypts the sectors on the hard drive as it runs 10-20 times.
2) Take the Hard Drive out of the computer/server and set it on a bench
AWAY from other magnetically sensitive materials.  
3) Take a natural magnet and set it on top of the hard drive for a
couple of days.
2) Take the Hard Drive and go outside.  
4) Take a hammer to it and ENSURE you shatter the platters. Think of end
users tends to motivate me a little...  :)
5) Take apart the hard drive and dump the platter pieces into a bag.
6)(Optional) Dump the pieces of platter in a river and hope no one sees
you do it.

I was told this by a person with a 3 letter federal agency.  They best
way to erase a hard drive (for the average person) with critical data is
the above minus #5 & #6.  

If it was me...I would simply securely destroy the hard drive and buy a
new one.  Any more than 15-30 minutes is wasting my time.  I typically
wipe the drive a few times and hammer the sucker to pieces.  I have had
to do it for some clients...

-Michael Vaughan
mvaughan () predator-hunter com

Version: 3.1
GIT/GMD/GO d+ s+:+ a32 C++ UL+++ P+ L+++!E W+++ N++ o- K- w++++ O- M+ V
PS--- PE+ Y+ PGP++ t+++@ 5-- X++ R- tv b++++ DI+++ D--- G++ e* h-- r--

The information contained in this message may contain privileged and
confidential information and is intended only for the internal company
use of the individual or entity named above.  If the reader of this
message is not the intended recipient, or the employee or agent
responsible to deliver it to the intended recipient, you are hereby
notified that any examination, distribution or copying of this
communication is strictly prohibited.  Furthermore, any and all
recipients of this message are prohibited from engaging in the
unauthorized dissemination of the information contained herein to
person(s) outside the company.   If you have received this communication
in error, please notify sender immediately. 

-----Original Message-----
From: Dan Darden [mailto:dld2517 () yahoo com] 
Sent: Tuesday, October 29, 2002 11:35 PM
To: John Orr; security-basics () security-focus com
Subject: RE: Interesting One


Think atomically.  There can be millions of atoms in a apace the size of
pin tip.  A write head need not turn every atom in a layer of magnetic
material one way or the other.  It only needs to turn just enough
one way in order for the read head to pick it up again.  If we talk
about a
layer of magnetic material that is just .0001" thick we are still
about layers upon layers upon layers (need I go on....) of atomic

It can be done!

Dan Darden.

Email dld2517 () yahoo com for your security
questions and information.

Hoax Info: http://hoaxbusters.ciac.org

"Everyday I beat my own personal record for
number of consecutive days I've stayed
alive" -- Author Unknown

-----Original Message-----
From: John Orr [mailto:JOrr () austinbank com]
Sent: Tuesday, October 29, 2002 12:15 PM
To: dadams () johncrowley co uk; security-basics () security-focus com
Subject: Re: Interesting One

  Personally, I think he is full of... hot air.

  Bits are either "on" or "off", "1" or "0".  If you change that pattern
(i.e. write over the same data area with a different sequence of bits),
the previous state of that field would not be determinable.  Granted,
may be some residual magnetic field left on a particular area that is
"0" that had been "1", but the converse would not be true.  There would
no residual field to read on an area that is now "1" that had been "0".

  Sounds like sales fluff to me.

  Anyway, that is my opinion, based on years of experience and a good
knowledge of physics.


John Orr
Austin Bank
903.759.3828 x2113
903.297.3094 fax
jorr () austinbank com

"Dave Adams" <dadams () johncrowley co uk> 10/28/02 04:06PM >>>
Greetings Folks,

I had an interesting conversation today with someone from FAST
Against Software Theft) They pretend not to be a snitch wing of the BSA.
Anyway, to get to the point, the guy that came to see me said that their
forensics guys could read data off a hard drive that had been written
up to thirty times. I find this very hard to believe and told him I
he was mistaken but the guy was adamant that it could be done. My
is, does anyone have any views on this, or, can anyone point me to a
of information where I can get the facts on exactly how much data can be
retrieved off a hard drive and under what conditions etc etc.


Dave Adams

This message (and any associated files) is intended only for the
use of the individual or entity to which it is addressed and may
contain information that is confidential, subject to copyright or
constitutes a trade secret. If you are not the intended recipient
you are hereby notified that any dissemination, copying or
distribution of this message, or files associated with this message,
is strictly prohibited. If you have received this message in error,
please notify us immediately by replying to the message and deleting
it from your computer. Messages sent to and from
John Crowley (Maidstone) Ltd may be monitored.

Internet communications cannot be guaranteed to be secure or error-free
as information could be intercepted, corrupted, lost, destroyed, arrive
late or incomplete, or contain viruses. Therefore, we do not accept
responsibility for any errors or omissions that are present in this
message, or any attachment, that have arisen as a result of e-mail
transmission. If verification is required, please request a hard-copy
version. Any views or opinions presented are solely those of the author
and do not necessarily represent those of John Crowley (Maidstone) Ltd.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]