Brian Hill Posted January 15, 2007 Share Posted January 15, 2007 I hope I put this in the right forum Is security erasing really good if people can still recover even after several overwrites were performed. I heard about this MFM (Magnetic force microscopy) scan but theres not too much information about it. Heck DOD says the way to really be secure is shred your hard drive but not everyone can keep affording to shred and buy hard drives. Is there any way to Securely destroy MFM (Magnetic force microscopy) traces so that hackers don't find weaknesses to attack my servers. Link to comment Share on other sites More sharing options...
Humpty Posted January 15, 2007 Share Posted January 15, 2007 Not sure what you mean but wouldn't anyone using MFM need to have physical possession of the hard drive to carry out any MFM? Link to comment Share on other sites More sharing options...
JDPower Posted January 16, 2007 Share Posted January 16, 2007 Not sure what you mean but wouldn't anyone using MFM need to have physical possession of the hard drive to carry out any MFM? Correct. Did some googling and found this very interesting article on the subject of data recovery: http://www.nber.org/sys-admin/overwritten-data-guttman.html Also this rather heavyweight article which comes to the following conclusion: In the time since this paper was published, some people have treated the 35-pass overwrite technique described in it more as a kind of voodoo incantation to banish evil spirits than the result of a technical analysis of drive encoding techniques. As a result, they advocate applying the voodoo to drives even though it will have no more effect than a simple scrubbing with random data. In fact performing the full 35-pass overwrite is pointless for any drive since it targets a blend of scenarios involving all types of (normally-used) encoding technology, which covers everything back to 30+ year-old MFM methods. If you're using a drive which uses encoding technology X, you only need to perform the passes specific to X, and you never need to perform all 35 passes. For any modern drive, a few passes of random scrubbing is the best you can do. As the paper says, "A good scrubbing with random data will do about as well as can be expected". This was true in 1996, and is still true now. Looking at this from the other point of view, with the ever-increasing data density on disk platters and a corresponding reduction in feature size and use of exotic techniques to record data on the medium, it's unlikely that anything can be recovered from any recent drive except perhaps one or two levels via basic error-cancelling techniques. In particular the the drives in use at the time that this paper was originally written have mostly fallen out of use, so the methods that applied specifically to the older, lower-density technology don't apply any more. Conversely, with modern high-density drives, even if you've got 10KB of sensitive data on a drive and can't erase it with 100% certainty, the chances of an adversary being able to find the erased traces of that 10KB in 80GB of other erased traces are close to zero. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now