[133501] in cryptography@c2.net mail archive
=?iso-8859-1?Q?First_sighting_of_real-life_AFM_data_retrieval=3F__=5B=A1P?=
daemon@ATHENA.MIT.EDU (Dave Korn)
Thu Sep 18 19:43:02 2008
From: "Dave Korn" <dave.korn@artimi.com>
To: <cryptography@metzdowd.com>
Date: Thu, 18 Sep 2008 18:52:09 +0100
I forget where it was that I recall a thread about this recently; could have
been here, could have been a security list, could even have been the comments
page of an ElReg or Slashdot article or a Schneier blog post ...
... but anyway, there was a thread somewhere recently the gist of which was:
''Disk erasing software is security theatre, because nobody has ever
actually done AFM recovery and it wouldn't be practical and it probably
wouldn't work on modern drives and nobody could ever afford it and it would
take years and generate terabytes of image data that you'd need a bank of
Crays to process and besides nobody has ever made a public claim of it having
been done, and all these data recovery firms say it's not an option and
nobody's ever actually done it.''
Which is why I was brought up short in my tracks by this offhand, almost
throwaway couple of lines from a story a couple of days ago:
http://www.theregister.co.uk/2008/09/17/cyber_crime_fighting/
" After getting a search warrant and confiscating his hard drive,
investigators were forced to scour through its remains using an electron
microscope, and the price of $100,000 per pass. "
The claim comes from "Robert Schperberg, forensics lead for Chevron, [ ...
]at the MIS Training Institute's IT Security World conference in San
Francisco", and is otherwise unverified. I haven't been able to get hold of
any kind of transcript, so thus far it only has the status of "Something
someone said when giving a talk at a conference".
It could easily be deliberate propaganda or misinformation, or it could just
be that the speaker was passing on something he'd heard but never checked up
on.
Does anyone here know anything about this case? Or have *anything* solid
*at all* on firms or labs who do now or have ever in the past offered HD
recovery using scanning microscopy techniques?
cheers,
DaveK
--
Can't think of a witty .sigline today....
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
