LISTSERV - EASI Archives - LISTSERV.ICORS.ORG

EASI Archives

Equal Access to Software & Information: (distribution list)

EASI@LISTSERV.ICORS.ORG

	LISTSERV Archives
	EASI Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Forum View Use Monospaced Font Show Text Part by Default Condense Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Sender:	"* EASI: Equal Access to Software & Information" <[log in to unmask]>
Subject:	Re: securely formatting hard drive?
From:	Doris Beers <[log in to unmask]>
Date:	Mon, 29 Jan 2001 13:57:56 -0800
Content-Type:	text/plain; charset=us-ascii
MIME-Version:	1.0
Reply-To:	"* EASI: Equal Access to Software & Information" <[log in to unmask]>
Parts/Attachments:	text/plain (58 lines)

This is not a ridiculous question, although the snappy
answers suggest lots of folk with a lot to lose may
think so.

I am a sr. security engineer.  There are products that
will do exactly what you need done and exactly how you
need it.  Norton is a good resource -- they have
products that can both ensure that material is not
lost when accidentally deleted and that can zero out
the appropriate spots on the hard drive.

Clearly, unless you are selling the drive or taking it
out of service, de-gaussing is not a good choice.

I know hackers who could pull nearly every bit of
information every put on a hard drive within hours.
There is an industry built around recovering
information from hard drives that have been
accidentally (or if you are stupid enough)
purposefully damaged. If you are bothering to use PKI,
using a zeroing out utility only makes sense.

To the others who responded with scorn -- I do hope
your installations have had a security audit recently.
 Even MS is not immune to having their chickens come
home to roost.

Academic sites, because they generally need to be more
open than most, are easy targets and represented the
great majority of sites used as zombies for last
year's huge denial of service attacks against Yahoo!,
etc.  Any of you who have sites -- web based or
supposedly private -- that hold information about
individuals, including social security numbers,
medical and disability information, addresses and
phone numbers and that do not have security procedures
in place are jeopardizing the well-being of the very
folk you believe you are serving.

Sorry for the rant, but the nasty nature of the
responses to this technically sophisticated question
offends me.

Doris Beers
--- Peter Papworth
<[log in to unmask]> wrote:
> Our IT Security section suggests either de-gaussing
> (de-magnetizing) but
> better still, opening the drive and running a sharp
> object such as a nail
> across the disk surface.
>

__________________________________________________
Do You Yahoo!?
Yahoo! Auctions - Buy the things you want at great prices.
http://auctions.yahoo.com/

ATOM RSS1 RSS2

LISTSERV.ICORS.ORG