Talk:Data remanence

From Wikipedia, the free encyclopedia

This is the talk page for discussing improvements to the Data remanence article.

Article policies

Contents

[edit] CDs DVDs and Microwave ovens

I removed the following edit:

"The definetely easiest way to destruct a data disc, is to put it into a microwave. This ensures that the data is completely unrecoverable"

I've heard this suggestion before, but I have never seen an authoritative source, nor instructions for how long at what power level, avoiding possible damage to oven, out gassing and fire hazards. Additional info would be welcome. --agr 20:16, 9 December 2005 (UTC)

Here is one page I found: http://users.knoware.nl/users/veldman/frans/english/cdrom.htm . While it is obvious from looking at the picture shown that the CD will no longer be readable in a normal drive, it is less clear that all areas are rendered unreadable by, say, an electron microscope. --agr 15:36, 19 December 2005 (UTC)

Here is a wikicommons image

--agr 05:15, 30 December 2005 (UTC)

[edit] Flash memory

what about flash memory media? - Omegatron 02:09, May 12, 2005 (UTC)

Good question. I tried to address it. --agr 03:44, 12 May 2005 (UTC)

I would like to verify the following statement about flash memory devices: Data tends to "burn in" the longer it is stored ... ?? Does anybody have references? --Heiko 10:45, 6 September 2005 (UTC)

Look at the article's second reference. --agr 17:45, 6 September 2005 (UTC)
That paper by Peter Gutmann refers to SRAM, which is entirely different from flash memory. I am going to remove the entire section, at least until more reliable information comes about. Nimakha 05:57, 4 August 2007 (UTC)


[edit] "A computer must be disconnected from any external network before a purge."

This phrase has a cargo-cult ring. I'm now using Knoppix, browsing the web with links (reading up on data remanence), and wiping my hard disk with dd.

I suspect this came from NSA guidelines which basically state that if a computer has classified info on it, anything which touches said computer becomes classified to that level. I call it "classification by contamination". The only way they allow mutli-level security is with software designed with that in mind (hint: stock Linux doesn't cut it). You can read all about it in NISPOM if you like. It wouldn't apply to most personal/business data, unless you're as paranoid as the NSA is. In any event, this got dropped in my recent rewrite. I suspect it doesn't really belong in this article. —DragonHawk (talk|hist) 07:51, 10 December 2007 (UTC)

[edit] Proposed merge

Y Done

This is a higher level, more inclusive, rubric than wipe and so there should not be a merger. Especially in that wipe is usually used in connection only with read/write media and, in particular, magnetic media such as hard drives. Comments from others? ww 22:38, 11 July 2006 (UTC)

The two articles are really dealing with the same thing. One article approaches it from the standpoint of the problem (Data remanence), the other from (one possible) solution (Disk wipe), but they are both dealing with the same subject matter. I think they should be cleaned up and merged. --DragonHawk 02:46, 14 August 2006 (UTC)

[edit] Merge revisited

This was posted to my talk page on 1 Jan 2007, by Tocharianne:

I was looking through old merge tags and found data remanence/file wiping/shredding. Do you feel there was any consensus to merge? It seems like everything could go under a generic title, like Data deletion, with wiping and shredding being two methods and data remanence being an unintended side effect. Tocharianne 03:32, 1 January 2007 (UTC)

My response:

I saw little to no input, for or against merging. My opinion: They should be merged. Data remanence should be the final article. File wiping should redirect to the final article. Shredding should redirect to Shredding (disambiguation), which should contain a link to the final article. My rationale: Data remanence is the fundamental topic at hand. When most people "delete" something from a computer, they think it is gone. Data remanence describes how that is not always true. "Wipe", "shred", "secure erase", "sanitize", etc., all describe methods for countering data remanence -- without data remanence, you have no need for the methods. "Data deletion" could arguably also deal with how files get deleted in situations where you don't care about data remanence (i.e., normal operations), but "data remanence" will always be about this topic. My two cents.  :) --DragonHawk 07:48, 2 January 2007 (UTC)
Ah, I misunderstood the sequence. First someone deletes a file, then it turns out there are traces left (data remanence), so you have to use extreme measures (like shredding or file wiping). Now it makes sense to have Data Remanence (this article) be the main one.
I looked at Shredding "what links here" and most of the links are for the meaning of paper-shredding or guitar-shredding so probably the disambiguation page should be moved there. (Someone else on the talk page also suggested that.)
So if no one objects we can redirect File wiping here, copy the text from Shredding here, then redirect or move the Shredding disambiguation page. Tocharianne 03:44, 3 January 2007 (UTC)

I merged File wiping to Shreding; I haven't merged to Data remanance yet. Quarl (talk) 2007-02-26 00:27Z

I've done the rest. See #Overhaul and merge below. —DragonHawk (talk|hist) 07:44, 10 December 2007 (UTC)

[edit] Resources

If you're interested in this stuff(which i must say im not, but its quite good to have some knowledge about everything right?), you can find some good publications and information here:

[edit] External Links

http://www.forensics.nl/links

http://cryptome.sabotage.org/afssi5020.htm

http://www.infosyssec.net/infosyssec/milsec1.htm

http://www.darkstonedata.com/business/security5.html

http://csrc.nist.gov/publications/drafts/DRAFT-sp800-88-Feb3_2006.pdf

http://www.marcorsyscom.usmc.mil/sites/ia/references/don/NAVSO%20P5239-26%20Remanence%20Security.pdf

there is a plethora of information on the topic in those links, much of which could be incorpoated into this article with some transformation here and there. they are exellent resources on the whole subject, some old some new. --AF1987 22:40, 18 July 2006 (UTC)

[edit] gutmann 35-passes

"Gutmann suggests overwriting data in 35 passes" is basically wrong. in the epilogue section of the linked article, it says that only the passes related to the specific architecture of the target media are necessary, and doing all 35 of them is complete overkill. i'm a lazy anonymous user, so someone please correct this. 147.154.235.51 18:14, 25 July 2006 (UTC)

[edit] External links (marketing?)

removed googole search did not demostrated this company is not particularily significant in this topic.

  • [BLACKLISTED LINK REMOVED: http://www.computation.to]- A Canadian computer recycling company specialising in secure data destruction and landfill diversion, facilities in Toronto and Montreal.

[edit] NISPOM

This article cites NISPOM several times on data remanence. I'm afraid the current edition of the offical NISPOM does not actually include anything on methods for clearing or sanitization (purge, in the article's terms); it merely states when they are required. I have encountered no official NISPOM which does include this. The NISPOM is a very general document; information systems is only one chaper, and sanitization only a couple of paragraphs.

I suspect what popular lore has attributed to NISPOM is actually from the DSS Clearing and Sanitization Matrix, which does specify methods. There is a PDF floating around on the Internet which presents a NISPOM with a C&SM incorporated into it. That is the PDF on the usaid.gov site, linked to by the article. I have no idea if that is an official document, or someone's convenience addition.

You can find a link to the DSS C&SM at the DSS website (column on right, under "Guidance", about 3/4 of the way down). Unfortunately for Wikipedia, the current DSS C&SM is restricted as For Official Use Only. I have a copy at work, but I cannot distribute it, or divulge it's contents, for that reason.

My intention is to remove references to the NISPOM from this article, as they are incorrect. However, I am not sure what to replace these NISPOM references with.

Feedback?

--DragonHawk 03:06, 14 August 2006 (UTC)

Sorry for the anon input. The NISPOM references are not so much incorrect as they are outdated. The NISPOM copy with the incorporated table is the mid-90s version. It was updated several times and the table eventually removed and published separately by DSS. (BTW, the version today at the DSS site doesn't have any FOUO marking: http://www.dss.mil/isp/odaa/documents/clearing_and_sanitization_matrix.pdf)

One area that should be fixed is that the article references a three pass requirement from NISPOM and then a 7 pass requirement from the same document (using the document number DoD 5220... There was never any 7 pass requirement in that doc that I saw.

Also, Guttman's paper (http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html) which is the source of the 35 pass concept was presented in 1996 and related to an older type of drive technology. I have heard he has commented on this not being applicable to modern drives, but I don't have a reference. —Preceding unsigned comment added by 64.242.52.23 (talk)

[edit] Disc shredderer

ThinkGeek sells a disc shredderer for CD and DVD discs. http://www.thinkgeek.com/gadgets/security/6d7f/


[edit] Huh??

I don't understand this:

In addition even if a sector is overwritten the phenomenon of data remanence can make deleted data forensically recoverable.

If the data is overwritten, what is left to allow recoverability? Its aura?? The way this is presented now, it sounds frankly occult; the details need to be explained.

On older style magnetic media the bits "are big" - allowing special methods to recover the overwritten data. This is not a problem for modern hard discs, where a single pass will destroy data.
Key word is "forensically". A common technique (to forensic recovery agents anyway) is to dismantle the drive in a cleanroom and examine the platters. Modern disks have more precisely aligned heads and use an ever smaller fraction of the disc surface to store each bit. Older disks may leave behind traces of the bits that were meant to be erased, traces large enough for today's drive heads to read. -Nahum Reduta (talk) 15:27, 18 November 2007 (UTC)

[edit] Negative

This is very different than shredding which involes only a physical process. data-destruction and data-loss are related, but also differnent in scope and inclusion.

Justin James McCorkle, 08 March 2007

thanks to those who removed the incorrect English posted earlier in this forum. —The preceding unsigned comment was added by Harkonlucas (talkcontribs) 19:18, 8 March 2007 (UTC).

[edit] Gutmann fallacy

This article mentions that Gutmann suggests a 35 overwrite cycle. He never suggested this. Guttman said 3 over writes is enough for any type of drive controller. The Guttman method provides overwrite patterns for 35 different types of drive controller. You'd only use all 35 methods if you did not know which type of drive controller you're using. DanBeale 13:02, 31 March 2007 (UTC)

I see I've said the same as the lazy anon above, so I'll just edit the article. DanBeale 16:58, 31 March 2007 (UTC)


[edit] Data warehouse?

Why was Data warehouse added to See also? It doesn't seem on topic.--agr 11:06, 24 April 2007 (UTC)

[edit] UCSD Secure Erase and other notes

Seems that at the insistence of a certain Dr. Hughes of UC San Diego's Center for Magnetic Recording Research, today's HDs come with a built-in method for secure erasure, including bad sectors and non-data regions. Also proposed is onboard encryption, allowing for data to be rendered immediately obscured by wiping the drive's encryption key. I'm trying to find an article I read about specific patterns used in overwriting that resemble magnetic waves used in low-level erasure. -Nahum Reduta (talk) 16:23, 18 November 2007 (UTC)

[edit] Methodology for recovering data from wiped drive

How, exactly, would one recover data from a hard drive sector that had been overwritten a small number (say, one or two) times? Sarsaparilla 01:11, 1 December 2007 (UTC)

Gutmann's paper addresses this in scientific detail. Handwave: They use really high tech equipment to examine the trace magnetic signatures left on the disk platter. Exactly how feasible this is remains open to debate. —DragonHawk (talk|hist) 07:52, 10 December 2007 (UTC)
It's theoretical only, there are no public reports of real world use of data recovery via MFM. —Preceding unsigned comment added by 74.71.245.199 (talk) 02:37, 5 February 2008 (UTC)

[edit] Overhaul and merge

Hi, all. I've just finished a major overhaul (almost a rewrite) of the entire article, and also merged in Shredding while I was at it. One of my goals was just to eliminate a lot of the redundancy and needless repetition which the article had accumulated over time.

I also removed a lot of "advice" and "how to" content, because Wikipedia is not a manual or guide. Direct instruction ("should do", "be sure to" statements) really don't belong here. If a particular standard or reliable source states something, we can say "ANSI Standard ID10T requires..." or whatever, but we're not supposed to be making pronouncements of any kind. See also WP:NPOV.

Because of that, I dropped some content from the Shredding article in the merge. You can check the old "Shredding" article for anything I missed, or for possible candidate material for Wikibooks or the like. I also noted this at the Talk:Shredding#Data remanence merge.

Feedback welcomed, as always. —DragonHawk (talk|hist) 06:25, 10 December 2007 (UTC)

[edit] Spam link?

At the end of the page (see version) there's a link (A guide to choosing a destroyer) which is completely useless IMHO and maybe Spamdexing (see also WP:EXT), so I'm removing it.
Edit: It seems the link has been added by an anonymous user on 2008/01/07 14:55 (see diff).

--213.140.6.123 (talk) 00:22, 31 January 2008 (UTC)