Thanks Thanks:  0
Likes Likes:  0
Dislikes Dislikes:  0
Page 3 of 3 FirstFirst 123
Results 21 to 28 of 28

Thread: HDD hacking

  1. #21
    Senior Tech 100+ Posts df3036's Avatar
    Join Date
    Feb 2009
    Posts
    109
    Rep Power
    32
    Yes, I have been doing 3 at a time. Usually leave it overnight... Make sure to set the Master/slave settings. 1 master and one slave per cable. I have one of the four as the cd drive.
    Kittens give Morbo gas.

    A+, Network+, Server+, PDI+

  2. #22
    Senior Tech 250+ Posts
    Join Date
    Jun 2007
    Posts
    278
    Rep Power
    37
    I read a Link i saw on an internal Ricoh Website which mentioned that the reason we all believe that its possible to read data off of HDD after rewriting of the HDD is based on 14 year old technology HDD and one research paper so for many more modern dvds its most likely impossible.

    Here are some extracts from the blog which i belive is on a Ricoh Wan


    In 1996, Peter Gutmann presented a paper [GUT96] at a USENIX Security Symposium in which he claimed that overwritten data could be recovered using magentic force microscopy (MFM) and scanning tunneling microscopy (STM) techniques. This seminal paper alerted many people to the possibility that data which had been overwritten on an HDD could be recovered using such techniques. Lacking other research in this area, and despite a lack of corroboration, many of those people adopted Gutmann's conclusions and recommendations and have ever since believed that multiple overwrites are required to effectively render remnant data irretrievable. Gutmann's ultimate recommendation was that no fewer than 35 (!) overwrite passes should be performed to ensure that the original data cannot be retrieved.

    However, in the context of current HDD technology, there are several problems with Gutmann's work:

    Gutmann focused on two disk technologies — modified frequency modulation and run-lenth-limited encoding — that rely on detection of a narrow range of analog signal values and have not been used for HDDs in the last 10-15 years. Modern HDDs use various kinds of partial-response maximum-likelihood (PRML) sequence detection that uses statistical techniques to determine the maximum likelihood value associated with multiple signal detections [WRIG08].
    Further, areal density (density of data per square unit of area, the product of bit-per-inch linear density and track-per-inch track density) has increase by at least three orders of magnitude [SOBE04] [WIKI08] since the publication the Gutmann paper. To achieve such densities, head positioning actuators have become significantly more accurate and repeatable.
    Moreover, Gutmann's work paper was theoretical, and I am not aware of any practical validation that data could be recovered using the techniques he described.
    Gutmann's work has resulted in the formation of another urban legend.


    Current research
    Fortunately, several security researchers presented a paper [WRIG08] at the Fourth International Conference on Information Systems Security (ICISS 2008) that declares the “great wiping controversy” about how many passes of overwriting with various data values to be settled: their research demonstrates that a single overwrite using an arbitrary data value will render the original data irretrievable even if MFM and STM techniques are employed.

    The researchers found that the probability of recovering a single bit from a previously used HDD was only slightly better than a coin toss, and that the probability of recovering more bits decreases exponentially so that it quickly becomes close to zero.

    Therefore, a single pass overwrite with any arbitrary value (randomly chosen or not) is sufficient to render the original HDD data effectively irretrievable.

    Of course like many things we do and sell things so we meet the customers requirements and expectations..

  3. #23
    Self Employed 1,000+ Posts D_L_P's Avatar
    Join Date
    Oct 2009
    Location
    Canton, Ohio
    Posts
    1,196
    Rep Power
    53
    Good info. Very useful.

  4. #24
    Senior Tech 100+ Posts
    Join Date
    Mar 2009
    Posts
    166
    Rep Power
    0
    From what I understand, and information given to me, to securely wipe a hdd, you need to do a complete erase 32 times. forensics can still get info if you do less than this.

    also the us government will only allow its citizens to legally use 128 bit encryption. If you do use a higher bit encryption, you must supply the encryption key when asked or face an immediate jail term ( unlimited i think, or until you give the key over)

    a good encryption program is PGP (Pretty Good Privacy)
    Sorry folks, reputation removed by Just Manuals, because he's a sad little wanker

  5. #25
    All things Konica Minolta 1,000+ Posts Stirton.M's Avatar
    Join Date
    Oct 2009
    Location
    Calgary
    Posts
    1,813
    Rep Power
    52
    Quote Originally Posted by Morlock49 View Post
    From what I understand, and information given to me, to securely wipe a hdd, you need to do a complete erase 32 times. forensics can still get info if you do less than this.

    also the us government will only allow its citizens to legally use 128 bit encryption. If you do use a higher bit encryption, you must supply the encryption key when asked or face an immediate jail term ( unlimited i think, or until you give the key over)

    a good encryption program is PGP (Pretty Good Privacy)
    Funny that privacy laws in the US are much stricter than here in Canada. I would be of the opinion that freedoms of that sort would be the opposite, yet not so. That said....

    The case here is the encryption of data on a hard drive for a copier/printer. Most MFP devices do not have this. The company I work for, Konica Minolta, we sell encryption kits as an option to the end user. Not many of our customers have ever bought one, let alone understand the need. These are all based on the 128 bit level you mentioned. Using Kerberos if I recall.

    Paulg posted information that speaks about the 32 writes. I have not heard about that for many years. In Paul's post, a single write process is needed to effectively wipe a hard drive. The process of writing a bunch of zeros and then a bunch of ones is effectively two wipes.

    My brother in-law works for the Canadian Forces as a civilian data security consultant. Some conversations with him, he tells me a 5 time overwrite process (both 1 and 0) will effectively destroy any latent data to be found on any current hard drive. With the exception of labs like his, the rest of us will be completely unable to retrieve any data off a hard drive. His lab can and has been able to retrieve limited pieces of information. The general gist was that the longer the information stayed on the drive in the position where it was first written, the more likely the signature of that data would remain, regardless of the rewrite process. He could not elaborate on this any further, since this delves into official secrets. Suffice it to say, there is very little likelyhood that anyone outside of military/intelligence circles are going to be able to retrieve data off our hard drives after a 5 pass wipe, much less a single wipe.

    I can retrieve data off a hard drive that has been formatted or partitioned, I have several programs to do this. But I cannot do it if that data has been overwritten, especially in cases of data wiping.
    "Many years ago I chased a woman for almost two years, only to discover that her tastes were exactly like mine: we both were crazy about girls."
    ---Groucho Marx


    Please do not PM me for questions related to Konica Minolta hardware.
    I will not answer requests or questions there.
    Please ask in the KM forum for the benefit of others to see the question and give their input.

  6. #26
    Senior Tech 100+ Posts verderacer's Avatar
    Join Date
    May 2008
    Location
    Sunny Arizona
    Posts
    158
    Rep Power
    34
    I wish I had seen this conversation earlier but I will give my 2 cents worth now.

    Quote Originally Posted by Stirton.M View Post
    He could not elaborate on this any further, since this delves into official secrets.
    Sorry but I have to laff here... Official secrets? Well then most of those secrets are all floating around the silicon valley area of California home to 4 of the largest drisk drive mfg's in the world. I hate to say it but they are not really secrets and any engineer worth damn in the disk drive industry knows those secrets. I am sure if your hang around the engineers over at Seagate, start reading the published white papers, and attend a few conferences can figure it out. I am simplifying it somewhat here but its definately doable. Then there is the geek factor that not only reads all the above but spends countless hours figuring it all out in the sheltered space of their room with nothing more than a few computers, a couple of flavors of unix/linux and a bunch of old drives.

    My experience with RICOH unencrypted drives is that data can be recovered. It just takes the right tools to do it and they are easy to find on the internet. In the statements above regarding the storage of data are generally true though there is a lot more involved on how the data is recovered. There is only 1 real way to prevent any kind of data recovery and that is to consume the drive or otherwise melt it down. For most people and companies as mentioned before a 3 pass overwrite will usually be suffice.
    Ricoh & Microsoft may pay the bills but Un*x saves my ass every day.
    MCSE/CCNE/ENS and other crap...

  7. #27
    All things Konica Minolta 1,000+ Posts Stirton.M's Avatar
    Join Date
    Oct 2009
    Location
    Calgary
    Posts
    1,813
    Rep Power
    52
    Quote Originally Posted by verderacer View Post
    I wish I had seen this conversation earlier but I will give my 2 cents worth now.



    Sorry but I have to laff here... Official secrets? Well then most of those secrets are all floating around the silicon valley area of California home to 4 of the largest drisk drive mfg's in the world. I hate to say it but they are not really secrets and any engineer worth damn in the disk drive industry knows those secrets. I am sure if your hang around the engineers over at Seagate, start reading the published white papers, and attend a few conferences can figure it out. I am simplifying it somewhat here but its definately doable. Then there is the geek factor that not only reads all the above but spends countless hours figuring it all out in the sheltered space of their room with nothing more than a few computers, a couple of flavors of unix/linux and a bunch of old drives.

    My experience with RICOH unencrypted drives is that data can be recovered. It just takes the right tools to do it and they are easy to find on the internet. In the statements above regarding the storage of data are generally true though there is a lot more involved on how the data is recovered. There is only 1 real way to prevent any kind of data recovery and that is to consume the drive or otherwise melt it down. For most people and companies as mentioned before a 3 pass overwrite will usually be suffice.
    I am talking about Official Secrets in relation to the Canadian Armed Forces and what they have at their disposal regarding forensics tools, which are generally not available to anyone in the public sector, outside of law enforcement circles.
    "Many years ago I chased a woman for almost two years, only to discover that her tastes were exactly like mine: we both were crazy about girls."
    ---Groucho Marx


    Please do not PM me for questions related to Konica Minolta hardware.
    I will not answer requests or questions there.
    Please ask in the KM forum for the benefit of others to see the question and give their input.

  8. #28
    Bizhubuser
    Guest

    Re: HDD hacking

    I stumbled upon this discussion and found it to be fascinating; to satisfy my curiousity I took an old Bizhub C250 HD, created an image, and am attempting to extract data from it to see how complicated this might be. So far, I can see a directory structure of sorts, looks like FAT16, but it doesn't look like there are any files in there. Does anyone know for sure what filesystem this type of machine uses? Someone suggested option 2 = hooking the drive back up to the C250 and reprinting or dumping the files out, but I'm not seeing a way to do that. Anyone have success with option 2?

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Get the Android App
click or scan for the Copytechnet Mobile App

-= -= -= -= -=


IDrive Remote Backup

Lunarpages Internet Solutions

Advertise on Copytechnet

Your Link Here