Hi Matthew, hi everybody, Matthew Brown wrote: > > It might be possible to examine recently overwritten data at the > bit level. This would involve removing the platters from the hard drive > case in a level-10 clean room and remounting them on a highly expensive, > highly sensitive electromagnetic field reader. Since a hard disc is a magnetic device, it doesn't write 0 and 1 as atomic elements. A 1 or a 0 is expressed as a change of the magnetic pattern (this change of the magnetic flow causes a induction in the head that reads the data). Therefore, write and a read is always very fuzzy. Since mangnetic substances alway retain there properties, it is absolutely possible to read overwritten data. If you draw a curve it is easy to imagine: A 1 that was a 0 before will be slightly lower than a 1 that was a 1 before. > > 1. I was unable to find any commercial services that advertise or perform > this procedure. As other already pointed out, qbas is such a service. I am not sure, but maybe ontrack is also able to do this. > 2. Even if it were possible, I'd like to see counsel explaining to a > judge how their experts changed the bits to render their evidence. Thats indeed an interesting question. A court will (hopefully) first consider other sources of information. But what about espionage?? Just my 2 cents, Cheers, Dani -- Dani Oderbolz Eichenweg 5 8424 Embrach Switzerland Sent through GMX FreeMail - http://www.gmx.net
This archive was generated by hypermail 2b30 : Mon Apr 30 2001 - 17:09:01 PDT