Talk:Data remanence

From Wikipedia, the free encyclopedia

This is the talk page for discussing improvements to the Data remanence article. This is not a forum for general discussion about the article's subject.
Please sign and date your posts by typing four tildes (~~~~). Put new text under old text. Click here to start a new topic. New to Wikipedia? Welcome! Ask questions, get answers.	Be polite Assume good faith No personal attacks Be welcoming	Article policies No original research Neutral point of view Verifiability

Contents 1 CDs DVDs and Microwave ovens 2 Flash memory 3 "A computer must be disconnected from any external network before a purge." 4 Proposed merge 4.1 Merge revisited 5 Resources 5.1 External Links 6 gutmann 35-passes 7 External links (marketing?) 8 NISPOM 9 Disc shredderer 10 Huh?? 11 Negative 12 Gutmann fallacy

[edit] CDs DVDs and Microwave ovens

I removed the following edit:

"The definetely easiest way to destruct a data disc, is to put it into a microwave. This ensures that the data is completely unrecoverable"

I've heard this suggestion before, but I have never seen an authoritative source, nor instructions for how long at what power level, avoiding possible damage to oven, out gassing and fire hazards. Additional info would be welcome. --agr 20:16, 9 December 2005 (UTC)

Here is one page I found: http://users.knoware.nl/users/veldman/frans/english/cdrom.htm . While it is obvious from looking at the picture shown that the CD will no longer be readable in a normal drive, it is less clear that all areas are rendered unreadable by, say, an electron microscope. --agr 15:36, 19 December 2005 (UTC)

Here is a wikicommons image

--agr 05:15, 30 December 2005 (UTC)

[edit] Flash memory

what about flash memory media? - Omegatron 02:09, May 12, 2005 (UTC)

Good question. I tried to address it. --agr 03:44, 12 May 2005 (UTC)

I would like to verify the following statement about flash memory devices: Data tends to "burn in" the longer it is stored ... ?? Does anybody have references? --Heiko 10:45, 6 September 2005 (UTC)

Look at the article's second reference. --agr 17:45, 6 September 2005 (UTC)

[edit] "A computer must be disconnected from any external network before a purge."

This phrase has a cargo-cult ring. I'm now using Knoppix, browsing the web with links (reading up on data remanence), and wiping my hard disk with dd.

[edit] Proposed merge

This is a higher level, more inclusive, rubric than wipe and so there should not be a merger. Especially in that wipe is usually used in connection only with read/write media and, in particular, magnetic media such as hard drives. Comments from others? ww 22:38, 11 July 2006 (UTC)

The two articles are really dealing with the same thing. One article approaches it from the standpoint of the problem (Data remanence), the other from (one possible) solution (Disk wipe), but they are both dealing with the same subject matter. I think they should be cleaned up and merged. --DragonHawk 02:46, 14 August 2006 (UTC)

[edit] Merge revisited

This was posted to my talk page on 1 Jan 2007, by Tocharianne:

I was looking through old merge tags and found data remanence/file wiping/shredding. Do you feel there was any consensus to merge? It seems like everything could go under a generic title, like Data deletion, with wiping and shredding being two methods and data remanence being an unintended side effect. Tocharianne 03:32, 1 January 2007 (UTC)

My response:

I saw little to no input, for or against merging. My opinion: They should be merged. Data remanence should be the final article. File wiping should redirect to the final article. Shredding should redirect to Shredding (disambiguation), which should contain a link to the final article. My rationale: Data remanence is the fundamental topic at hand. When most people "delete" something from a computer, they think it is gone. Data remanence describes how that is not always true. "Wipe", "shred", "secure erase", "sanitize", etc., all describe methods for countering data remanence -- without data remanence, you have no need for the methods. "Data deletion" could arguably also deal with how files get deleted in situations where you don't care about data remanence (i.e., normal operations), but "data remanence" will always be about this topic. My two cents.  :) --DragonHawk 07:48, 2 January 2007 (UTC)

Ah, I misunderstood the sequence. First someone deletes a file, then it turns out there are traces left (data remanence), so you have to use extreme measures (like shredding or file wiping). Now it makes sense to have Data Remanence (this article) be the main one.

I looked at Shredding "what links here" and most of the links are for the meaning of paper-shredding or guitar-shredding so probably the disambiguation page should be moved there. (Someone else on the talk page also suggested that.)

So if no one objects we can redirect File wiping here, copy the text from Shredding here, then redirect or move the Shredding disambiguation page. Tocharianne 03:44, 3 January 2007 (UTC)

I merged File wiping to Shreding; I haven't merged to Data remanance yet. —Quarl ^(talk) 2007-02-26 00:27Z

[edit] Resources

If you're interested in this stuff(which i must say im not, but its quite good to have some knowledge about everything right?), you can find some good publications and information here:

[edit] External Links

http://www.forensics.nl/links

http://cryptome.sabotage.org/afssi5020.htm

http://www.infosyssec.net/infosyssec/milsec1.htm

http://www.darkstonedata.com/business/security5.html

http://csrc.nist.gov/publications/drafts/DRAFT-sp800-88-Feb3_2006.pdf

http://www.marcorsyscom.usmc.mil/sites/ia/references/don/NAVSO%20P5239-26%20Remanence%20Security.pdf

there is a plethora of information on the topic in those links, much of which could be incorpoated into this article with some transformation here and there. they are exellent resources on the whole subject, some old some new. --AF1987 22:40, 18 July 2006 (UTC)

[edit] gutmann 35-passes

"Gutmann suggests overwriting data in 35 passes" is basically wrong. in the epilogue section of the linked article, it says that only the passes related to the specific architecture of the target media are necessary, and doing all 35 of them is complete overkill. i'm a lazy anonymous user, so someone please correct this. 147.154.235.51 18:14, 25 July 2006 (UTC)

[edit] External links (marketing?)

removed googole search did not demostrated this company is not particularily significant in this topic.

• [BLACKLISTED LINK REMOVED: http://www.computation.to]- A Canadian computer recycling company specialising in secure data destruction and landfill diversion, facilities in Toronto and Montreal.

[edit] NISPOM

This article cites NISPOM several times on data remanence. I'm afraid the current edition of the offical NISPOM does not actually include anything on methods for clearing or sanitization (purge, in the article's terms); it merely states when they are required. I have encountered no official NISPOM which does include this. The NISPOM is a very general document; information systems is only one chaper, and sanitization only a couple of paragraphs.

I suspect what popular lore has attributed to NISPOM is actually from the DSS Clearing and Sanitization Matrix, which does specify methods. There is a PDF floating around on the Internet which presents a NISPOM with a C&SM incorporated into it. That is the PDF on the usaid.gov site, linked to by the article. I have no idea if that is an official document, or someone's convenience addition.

You can find a link to the DSS C&SM at the DSS website (column on right, under "Guidance", about 3/4 of the way down). Unfortunately for Wikipedia, the current DSS C&SM is restricted as For Official Use Only. I have a copy at work, but I cannot distribute it, or divulge it's contents, for that reason.

My intention is to remove references to the NISPOM from this article, as they are incorrect. However, I am not sure what to replace these NISPOM references with.

Feedback?

--DragonHawk 03:06, 14 August 2006 (UTC)

[edit] Disc shredderer

ThinkGeek sells a disc shredderer for CD and DVD discs. http://www.thinkgeek.com/gadgets/security/6d7f/

[edit] Huh??

I don't understand this:

In addition even if a sector is overwritten the phenomenon of data remanence can make deleted data forensically recoverable.

If the data is overwritten, what is left to allow recoverability? Its aura?? The way this is presented now, it sounds frankly occult; the details need to be explained.

• On older style magnetic media the bits "are big" - allowing special methods to recover the overwritten data. This is not a problem for modern hard discs, where a single pass will destroy data.

[edit] Negative

This is very different than shredding which involes only a physical process. data-destruction and data-loss are related, but also differnent in scope and inclusion.

Justin James McCorkle, 08 March 2007

thanks to those who removed the incorrect English posted earlier in this forum. —The preceding unsigned comment was added by Harkonlucas (talk • contribs) 19:18, 8 March 2007 (UTC).

[edit] Gutmann fallacy

This article mentions that Gutmann suggests a 35 overwrite cycle. He never suggested this. Guttman said 3 over writes is enough for any type of drive controller. The Guttman method provides overwrite patterns for 35 different types of drive controller. You'd only use all 35 methods if you did not know which type of drive controller you're using. DanBeale 13:02, 31 March 2007 (UTC)

I see I've said the same as the lazy anon above, so I'll just edit the article. DanBeale 16:58, 31 March 2007 (UTC)