[40042] in bugtraq
Re: Peter Gutmann data deletion theaory?
daemon@ATHENA.MIT.EDU (Michael Sierchio)
Mon Aug 1 15:03:05 2005
Message-ID: <42E7DC1C.7090309@tenebras.com>
Date: Wed, 27 Jul 2005 12:10:20 -0700
From: Michael Sierchio <kudzu@tenebras.com>
MIME-Version: 1.0
To: Jared Johnson <jaredsjazz@Yahoo.com>
Cc: focus-ms@securityfocus.com, bugtraq@securityfocus.com
In-Reply-To: <20050720235626.17186.qmail@mail.securityfocus.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Jared Johnson wrote:
> Do you all agree with Peter Gutman's conclusion on his theory that data can
> never really be erased, as noted in his quote below:
Yes. Patterns of overwriting can offer a probabilistic assurance of
deletion, but not a promise. There is also the problem that disks
will silently remap sectors if they're error-prone, so it's not possible
in all cases to overwrite them.
If you're short on fishwrap, puppy training supplies, or birdcage liner,
you can print out an old whitepaper I wrote when I was trying to promote
a company based on a secure deletion scheme. My proposal is to transparently
encrypt every file with a different key, and assure deletion by losing the
key.
http://www.tenebras.com/papers/wp-draft.pdf
