5 Responses to GhostSurfer Wipe Out Leads to Jail Order Sanctions

  1. Mike Rossander says:

    Re: the argument that the overwrite guidelines “are a bunch of malarkey”

    Actually, there remains some debate on that topic. First let me try to explain why it used to be necessary. Think of your computer plopping down little blots of magnetic “color” for each bit on your computer disk. Maybe a blot of red for a one and a blot of blue for a zero. (Actually blots of up and down magnetic field but blue and red are easier to visualize.) Put down a string of red and blue blots, then plop out a new string of red and blue when it’s time to overwrite that section of the disk. The areas between the blots remain gray – nobody scrapes the wall down before appying the next layer of blots.

    The write heads, especially on older computers, were a bit sloppy – they became slightly misaligned with use. The disk were a bit wobbly, too, especially in the days of floppies. An overwrite should exactly cover the previous blot but it wouldn’t quite do it. If you got a strong enough microscope (and either had the patience of Job or some very good computers), you could look carefully and often see a bit leftover color at the edge of the previous blot. If you were really good (and had an electron microscope and a few NSA-grade supercomputers), you might even discern patterns of the edges, make pretty good guesses about how the disk’s alignment drifted over time and read up to 7 versions of color back for each blot.

    The argument today is that the write heads are so much smaller, the tolerances and alignments so much tighter and the blots so much finer that there is almost no slop left in the system and that the traces at the edges are too small to ever detect.

    Maybe. It’s certainly true that today’s commercially-available technology is unable to recover a file wiped with even a single pass. Unless you’re protecting DOD-nuclear secrets, multiple wiping of a modern disk drive is overkill. I’m not willing to say that it’s complete malarkey, though. New recovery technologies do come along every so often and, well, some companies really are protecing DOD-nuclear secrets.

  2. Nice blog post I had a good time reading this.

  3. […] control is one of the oldest tricks in the book. Many spoliation decisions discuss using evidence wiping software, or otherwise destroying equipment to avoid production of evidence. Civilly, this can […]

%d bloggers like this: