Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Hard drives v. CF/Smart media/etc.

from [Alexander Klimov] Network Security [Permanent Link]
Subject: RE: Hard drives v. CF/Smart media/etc.
Date: Wed, 19 Oct 2005 23:06:04 +0200 (IST) 
On Tue, 18 Oct 2005, Herman Frederick Ebeling, Jr. wrote:


: Yes since they are for the most part using FAT or FAT32 as the file
: system.  So deleting a file still only marks the space as overwritable
: not actually removing the data.

      What if someone is using the NTFS file system?  How many time
would one have to overwrite the data before it became unrecoverable?
Would say PGPs wipe function be more effective on flash media then
on an actual HD/floppy disk?


Since it is impossible to overwrite a single sector of flash without
erasing (and writing back) the whole erase unit, and also due to the
need of wear leveling the FTL (Flash Translation Layer) is used in
most of the flash ``disks''.  That is when you overwrite some sector
on your `block' device what really happens is that the flash driver
allocates a new place for the new sector and leaves the previous
version unchanged.  So, wiping data by overwriting ``sectors'' which
belong to file is mostly pointless (IIRC this is exactly what pgpwipe
does).  OTOH, if you fill the whole flash with random data, it is
likely that the driver will have to overwrite the old data as well
(note that to continue normal operation flash has to have some reserve
of free space even when it is full, so you can not be really sure that
the data you want to destroy is really gone).

So, either write random data until the flash is full several times,
or, better, never write unencrypted data.

-- 
Regards,
ASK
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Restricting logins by IP address, Keenan Smith
Next by Date:  Re: OS to know., kgp
Previous by Thread:  Re: Hard drives v. CF/Smart media/etc., FocusHacks
Next by Thread:  Re: Hard drives v. CF/Smart media/etc., crazy frog crazy frog
Indexes:  [Date] [Thread] [Top] [All Lists]