[BC] The "Net Neutrality" proper position to have ??
Peter Smerdon
psmerdon at fastmail.com.au
Wed Nov 24 22:28:15 CST 2010
The file-system-level "file delete" doesn't delete the physical file,
only the file system references.
The file (or fragments of it) are still available to be recovered using
widely available "undelete" utilities.
The "send to Recycle bin" operation just moves the file to another
location, where it can be recovered without needing special utilities.
AFAIK it'll stay in the Recycle Bin until the space is needed for other
file operations.
Neither of those is any recovery challenge to a power user, let alone a
forensic IT specialist.
Richard's utility seems to take it the next step, by systematically
overwriting the file contents to make them unrecoverable without extreme
effort (if at all).
I have heard of forensic recovery techniques which can recover
overwritten data by reading the "ghost fragment" magnetic domains
beneath the current data magnetic domains - but have no direct knowledge
of this technique.
Hmm - I wonder if SSHDs are more secure in this regard???
The retained "ghostly data" is the reason why some "secure file delete"
utilities allow you to specify how many passes of random "noise" to
apply. The more paranoid you are, the more passes you use...
Richard's is just one of many secure file deletion utilities - and I
suppose all those authors have gotten the same unsolicited "friendly
advice".
I don't see anything morally wrong with these utilities - they achieve
the same thing as the old "burn after reading" practice with paper records.
Snoops have had it too easy for too long with the inherently insecure
file deletion scheme of operating systems like Windows.
There have been too many horror stories of sensitive data being
recovered from hard drives in second-hand or junked PCs, even when the
original user took normal steps to delete the data.
Cheers,
--
Peter Smerdon.
Melbourne Australia.
On 25/11/2010 9:10 AM, Dave Dunsmoor wrote:
>>> You have provided a software program whose primary function appears to be
>>> the deletion or overwriting data which may be essential for the
>>> prosecution
>>> of criminal cases.
>> Is this not true of the M$ "Recycle" bin ?
>> Is it not true of ANY file deletion anywhere, anytime ?
>>
>> --
>> Cowboy
> Uh, yeah...my thinking also. NOT to disrespect Richard in any fashion, but
> to whomever sent him the "stupid-gram".
>
More information about the Broadcast
mailing list