Good job digging that up, and it does seem to support what you said before.
I think you're referring to *As concluded in [14]: “it is effectively
impossible to sanitize storage locations by simply overwriting them, no
matter how many overwrite passes are made or what data patterns are
written.”*
Which is a quote from P. Gutmann, “Secure Deletion of Data from Magnetic
and Solid-State Memory,” Proceedings of the Sixth USENIX Security
Symposium, pp. 22-25, 1996. It's available at
http://www.softpres.org/cache/SecureDeletionOfDataFromMagneticAndSolidStateMemory.pdf
The full quote from that paper is:
Data which is overwritten an arbitrarily large number of times can still be
recovered ***provided that the new data isn't written to the same location
as the original data (for magnetic media), or that the recovery attempt is
carried out fairly soon after the new data was written (for RAM). For this
reason*** it is effectively impossible to sanitise storage locations by
simple overwriting them, no matter how many overwrite passes are made or
what data patterns are written.
Emphasis added. Most modern tools account for this, and Mac even has built
in tools to overwrite the unused portion of disk seven times to securely
erase them and includes an option in the trash bin to securely erase by
overwriting those parts of the disk. A lot's changed from 1996.
On Wed, Mar 9, 2016 at 3:03 PM, douglas rankine <
douglasrankine2001@xxxxxxxxxxx> wrote:
see url: https://cryptome.org/2014/05/sse-protocol.pdf
Dear Michael Best & Colleagues,
Some time ago, I mentioned a paper that I had read which said that a hard
disk could not have all the information erased and that with the proper
forensic software, it would be possible to strip back each layer of
magnetic information right to when the disk was first made. I think I may
have found that research paper, and its contents might just be poignant to
the current case USG v Apple...or it might not... :-). My understanding is
that the storage hardware on the device will most likely be of the solid
state type, which is not as secure in being wiped, as a moving hard disk.
I have found that paper which I give the url above. The relevant paragraph
is on Page 1 at A.
Now, please understand, I am not a techie...and I may be getting the
conclusions about the ability to access original information on a hard disk
all wrong.
Or, I might be right, but Apple has progressed in its software technical
ability to destroy all the information on the phones storage system. But,
if I am not, then the present case between USG v Apple to get Apple to
produce a hack which will give access to the information on Farooks iphone
may be irrelevant. This is because of my surmise that the Apple erasure
software may not erase the information on the storage medium on the phone
to a point where it cannot be regained, at all. If my surmise is correct,
then there is no need for the FBI to bother about cracking the password
within 10 times...They can make as many attempts as they like...eventually,
they will crack the password and then get access to the information.
That is my theory...but as I say, I don't really know the ins and outs of
the technical stuff, or how all this forensic software works, or even how
sensitive it is to picking up on those magnetic layers of digitised
information. And there is a lot of techie stuff and mathematics here which
I don't understand, far less the molecular and nano stuff.
My surmise was triggered by the report of GCHQ actually making the
Gaurdian physically destroy not only the hard disk, but the motherboard and
other hardware components in the computer which contained the Snowden
documents...to their satisfaction. I wondered why they did this, rather
than use forensic erasure equipment to wipe it, or even just take away the
relevant bits of the computers and securely dispose of them...Perhaps it
was a publicity stunt after all...
Anyway, perhaps you guys on here can take a look at it and I'd be grateful
if you would tell me where I have gone wrong...Maybe it is just some group
out to make some money...
I hope this helps.
ATB
Dougie.