Comments on: Disk Wiping – One Pass is Enough – Part 2 (this time with screenshots)

By: wascalwabbit

wascalwabbit — Wed, 02 Nov 2011 01:06:37 +0000

This used to be a problem and is the reason for the old wives (geeks) tale of wiping a bazillion times, just to be sure. HDDs have come a long way and where they use to have tracks about 3 inches wide (not really, but you get the point), the tracks are so small that this is a non-issue with “modern” drives.

By: Chrille

Chrille — Fri, 09 Sep 2011 20:59:59 +0000

It doesn’t offer a false sence of security, there’s no way anyone will recover any files after you do that gutmann wipe but the same would be true if you made a 1 pass wipe. You’re just wasting time and shortening the lifespan of your hdd by doing so many passes. I can assure you no one will be able to restore anything that has been wiped with a single pass. So I recommend stop wiping those sensetive files with 35 passes and just do a simple overwrite (1 pass).

By: Annymous

Annymous — Fri, 26 Aug 2011 07:12:12 +0000

Use a LIVE Linux CD or DVD.
Learn how to use a Live Linux CD.It already has Firefox and all the web utils plus you can add packages and REMASTER IT to suit your needs.
It requires NO–Yes i said NO Hard Drive.
You can remove that Hard Drive from the computer and it still works. you just have to run the internet setup or (connection) should be on the virtual desktop to get on the web.

Save all your stuff you get off the web in your documents folder but before shutting down put your thumb drive in and save to it cause once you shut it all off everything you did in that session is HISTORY!.

Learn puppy–it’s the smallest and friendliest Linux OS .

If they cannot unerase it they have NOTHING.

By: USAFinjustice

USAFinjustice — Sun, 14 Aug 2011 21:13:56 +0000

Has anyone ever heard of QUINCY? It’s supposedly a CIA computer forensics tool that has been used by DCFL (Defense Computer Forensics Laboratory) in at least two military child pornography cases. In one case, it was supposedly used to “find” deleted and overwritten data that ENCASE and iLook and several other forensic tools couldn’t “find”. When the defense asked to have access to QUINCY, they were denied and told that QUINCY was actually never used except to “verify” what ENCASE supposedly found after two years of searching! One of the agents who conducted the forensic examinations and who later testified at trial had actually lied on the stand during another high profile case (U.S. v Al Halabi). The agent’s name is Eric O’Keefe. Does anyone know anything about QUINCY or O’Keefe?

By: Max

Max — Thu, 23 Jun 2011 07:36:19 +0000

I use eraser as well and it does as advertised. You only need to perform a single pass in the end but if you are using Windows, there are a lot of areas that data can be cached to. Best thing to do is take your most common file type that you wipe that is client related, and see where it is cached across the drive, besides the active file itself. Then you can use something like CCleaner with custom rules to erase/wipe the various locations and perform a wipe of unallocated or free filespace with eraser after.

Another thing to look into obviously is full disk encryption on your systems.

By: hardly boiled

hardly boiled — Wed, 22 Jun 2011 15:34:06 +0000

what about “ERASER” from SourceForge dot net? this offers 1, 7 (DoD) and the 35 Guttman pass options. At work, we use that for sensitive files (financials, clients, etc) but is it just providing a false sense of security or is it really doing the job?

By: Mall

Mall — Mon, 20 Jun 2011 15:53:11 +0000

And what about space between tracks? Write should affect the neighborhood of block.

By: Max

Max — Sat, 18 Jun 2011 05:15:13 +0000

CCleaner and Window Washer are really just part of the package of file destroying tools you should be using. There are so many artifacts that Windows creates that it boggles the mind.

Now had you wiped a hard drive fully, every sector, there would have been little to nothing found. An examiner would view the disk with EnCase and not discover anything.

Feel free to share more about your situation if you would like. Such as what artifacts got you convicted.

By: convicted

convicted — Fri, 17 Jun 2011 02:12:02 +0000

I’m now using ccleaner, but I don’t have faith it can defeat en-case. Windows Washer made the same claims ccleaner does, and look where that got me.

I found out the hard way that en-case can get around so-called file deleters and hdd wipers.

By: convicted

convicted — Fri, 17 Jun 2011 02:09:14 +0000

In 05 I regularly used Windows Washer with Gutmann passes. It didn’t stop en-case finding stuff on my pc.