Obviously I failed to adequately explain the purpose in my post. It was triggered by the article "Hard drives offer up secrets" as posted in the message "RE: Windows HD image for forensics testing" by madmex. I am aware of the residue of information left on a hard drive that has been overwritten; though I believe that most techniques to recover that data require opening the hard drive case and special equipment. I also believe that in order to overwrite data to the standards you and others have mentioned require special drivers that are probably OS/hard drive specific. Since it is (to the security aware community) well know that formatting a drive is a waste of time I felt that offering something that could be run on most any architecture (probably even DOS) by people with little or no knowledge programming (though obviously they would need a compiler) would be something useful. If I had a hard drive that stored something sensitive (like that in an ATM) I would physically destroy it. The salvage value of the drive is miniscule in comparison to the potential value of the information. But if I have a drive that is from my personal home machine that is being donated to a school I feel this is quite adequate for my protection. At 03:03 PM 8/10/2003 -0600, Kurt Seifried wrote: >Like most first attempt wiping programs this one fails miserably. It fails >to wipe slack space (i.e. 16k data allocations, a 10k file leaves 6k unused, >a previous file may have used it). It fails to wipe MFT space (small files >may be stored directly in the MFT). This would leave a TON of evidence. My >advice: Buy wiping software that actually works. I did some testing, the >commercial ones don't even fare to well, none of the amateur ones came even >close to being truly effective. > > >Kurt Seifried, kurtat_private >A15B BEE5 B391 B9AD B0EF >AEB0 AD63 0B4E AD56 E574 >http://seifried.org/security/ > > >----- Original Message ----- >From: <koxenrider@sol-biotech.com> >To: <forensicsat_private> >Sent: Saturday, August 09, 2003 9:32 AM >Subject: Program to wipe data from disk free space > > > > > > > > To indulge my paranoia I wrote a little ANSI C program to write random > > data to a drive. I wrote it targeted toward Windows, but it should work > > with minimal editing on any machine with an ANSI C compiler. It can be > > found at http://www.sol-biotech.com/code/wipeIt/wipeIt.c and I placed it > > in the public domain. > > > > ----------------------------------------------------------------- > > This list is provided by the SecurityFocus ARIS analyzer service. > > For more information on this free incident handling, management > > and tracking system please see: http://aris.securityfocus.com > > ----------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Mon Aug 11 2003 - 12:45:38 PDT