Virus.Org IT Security News and Information Portal. We offer the latest IT security news, updates, product reviews, books, and articles for all you IT security professionals out there. Enter and get the best IT security information on the Internet.

 
. Welcome to the Virus.Org Mailing List Archive  
.
.


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]


Re: Program to wipe data from disk free space
.

  • To: "Kurt Seifried" <[EMAIL PROTECTED]>, <[EMAIL PROTECTED]>
  • Subject: Re: Program to wipe data from disk free space
  • From: Keith Oxenrider <[EMAIL PROTECTED]>
  • Date: Mon, 11 Aug 2003 06:32:27 -0400
  • In-reply-to: <[EMAIL PROTECTED]>
  • References: <[EMAIL PROTECTED]>
.
 
Obviously I failed to adequately explain the purpose in my post. It was triggered by the article "Hard drives offer up secrets" as posted in the message "RE: Windows HD image for forensics testing" by madmex. I am aware of the residue of information left on a hard drive that has been overwritten; though I believe that most techniques to recover that data require opening the hard drive case and special equipment. I also believe that in order to overwrite data to the standards you and others have mentioned require special drivers that are probably OS/hard drive specific. Since it is (to the security aware community) well know that formatting a drive is a waste of time I felt that offering something that could be run on most any architecture (probably even DOS) by people with little or no knowledge programming (though obviously they would need a compiler) would be something useful. If I had a hard drive that stored something sensitive (like that in an ATM) I would physically destroy it. The salvage value of the drive is miniscule in comparison to the potential value of the information. But if I have a drive that is from my personal home machine that is being donated to a school I feel this is quite adequate for my protection. 


At 03:03 PM 8/10/2003 -0600, Kurt Seifried wrote:

Like most first attempt wiping programs this one fails miserably. It fails
to wipe slack space (i.e. 16k data allocations, a 10k file leaves 6k unused,
a previous file may have used it). It fails to wipe MFT space (small files
may be stored directly in the MFT). This would leave a TON of evidence. My
advice: Buy wiping software that actually works. I did some testing, the
commercial ones don't even fare to well, none of the amateur ones came even
close to being truly effective.


Kurt Seifried, [EMAIL PROTECTED]
A15B BEE5 B391 B9AD B0EF
AEB0 AD63 0B4E AD56 E574
http://seifried.org/security/


----- Original Message -----
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Saturday, August 09, 2003 9:32 AM
Subject: Program to wipe data from disk free space


>
>
> To indulge my paranoia I wrote a little ANSI C program to write random
> data to a drive.  I wrote it targeted toward Windows, but it should work
> with minimal editing on any machine with an ANSI C compiler.  It can be
> found at http://www.sol-biotech.com/code/wipeIt/wipeIt.c and I placed it
> in the public domain.
>
> -----------------------------------------------------------------
> This list is provided by the SecurityFocus ARIS analyzer service.
> For more information on this free incident handling, management
> and tracking system please see: http://aris.securityfocus.com
>



-----------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
 
.
.
 
Copyright (c) Virus.Org 1997-2006.
All Trademarks Acknowledged.
Please view our Terms and Conditions and our Privacy Policy.