Home page logo

basics logo Security Basics mailing list archives

Re: Interesting One
From: Candice Ward <mcward () nc rr com>
Date: Wed, 30 Oct 2002 18:19:34 -0500

Of course it wouldn't need to be done at all after the fact if a simple
keyboard logger had already been placed on the monitored computer while its
user or owner was away from the office....

on 10/30/02 8:42 AM, Tim Donahue at TDonahue () haynesconstruction com wrote:

Yes, it can be done.. it would cost about 100k per drive and
the ability to access an electron scanning microscope. At 30
times I highly doubt they could recover anything of any value
anyway. Using most commercially available products like
"Encase", you can recover files that have been deleted, but
not overwritten. Once the data is overwritten you are getting
into using tools which are not available to the general
public as far as I am aware.


This is the reason that the standard destroying drives that contain
classified material is the physical destruction of the drive.  I am not
talking hitting the controller board with a hammer even, the platters need
to be destroyed.  From what I remember reading on this list, the prefered
methods are incineration, and / or a bucket of a strong acid.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]