|
Technical information
Formats & Overwrites versus security
DOS Format
No Security
A single DOS command could totally restore the drive. Although the drive would seemingly appear empty, the old content can be viewed with a disk editor (available freely on the Internet).
Format with 1 pass overwrite
High Security
After one overwrite, data is not recoverable by any method involving a Keyboard (no software solution). Theoretically, the original data could be recovered using an oscilloscope and some complex custom software. It is possible that a commercial data recovery company such as Vogon may be able to recover some data from the drive, however it would be extremely costly.
Depending on the size of the drive, either a random or repeated series of binary digits (01001001) are written to every sector on the drive.
Format with 1 pass overwrite
Total security
There is no known forensic software within the public or commercial domain that will recover data after a drive has been through this process. It is possible that data could be recovered using Magnetic force scanning microscopy (STM) but this process is considered available only to select government agencies.
One pass overwrite technique is carried out 3 times.
Assessing sensitivity of the original data
When assessing the sensitivity of the original data, it is important to be aware of what data could be present on the hard drives. As most large organisations operate a server-based system, the likelihood of sensitive data being stored on workstation hard drives is low. It is possible that during server failure, data may inadvertently be stored on the workstation hard drive.
Another security factor is the possible information that could be gleaned from the operating system configuration settings. Knowledge of these settings (IP addresses, domain and router names etc.) do provide an insight into the general working of the network.
Due to the Hard drive architecture it is theoretically possible to recover some data by scanning the minute traces of residual magnetisation left on the platters. However, techniques such as these are only be available to intelligence services as they require expensive laboratory equipment and are only practical for very small amounts of targeted data.
Please Note: The US Department of Defence DOD 5220.22-M7 is the defacto world-wide standard for assessing and combating risks to IT systems. Unfortunately in the UK, government guidelines are not available outside select agencies and thus cannot be included in this document.
A 3 stage over-wipe is the approved method as specified within this document for any reclassifying of Classified hard drives in secure Automated Information Systems, even those certified and accredited for Special Access Programs, but is not approved for purging disks at any level above Secret.
References:
Secure Deletion of Data from Magnetic and solid-state memory by Peter Gutmann.
This paper was first published in the Sixth USENIX Security symposium Proceedings, San Jose, California July 22-25, 1996.
DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on Waste Electrical and Electronic Equipment (WEEE)
DOD 5200.28-STD - DEPARTMENT OF DEFENCE TRUSTED COMPUTER SYSTEM EVALUATION CRITERIA
|