Permanent Deletion?

15 comments, last by Last Attacker 20 years ago
Hi! I was reading about file deletion, that even if you formatted your hard drive, the data is still there; it's just the FAT table that's emptied. 'Cause people could still use data-recovery apps to recover the data from those disks, like when people format and sell their HDs (hard drives): after formatting, the people buying the HD can get old info like credit card details, etc. through data-recovery apps. So if I were to write an app that can make sure that the data you delete is deleted, would you agree that I have to do the following:

* Get the length of the file in bytes
* Open the file and write all the bits of the bytes as 1's or 0's
* Close the file HE HE!
* Call the delete/kill function to remove the link of the file

Do you think that'll do?

// Last Attacker \\---=( LA )=---// LA Extreme \\

ICQ Number : 120585863

E-mail:

laextr@icqmail.com
"Take delight in the Lord and He will give you your heart's desires" - Psalm 37:4
My Blog
That will be enough for the most part. However, if the file was previously larger than it is now, or the file is a Word doc (Word saved temp copies of the file), then the data can still be found. The thing most programs do is erase the free space by creating a file as big as the free space and writing to it. This way only the files that exist at that time can ever be found.
BTW there are an extraordinary number of programs out there that do this. Unless you are doing it for fun I suggest you do a quick Google and pick one from the millions of results.
"In order to understand recursion, you must first understand recursion."
My website dedicated to sorting algorithms
This would involve low-level disk access. And that is something pretty dangerous, because if you access the drive at a low level (e.g., you write directly to physical drive addresses) you can easily mess up and overwrite existing data.

Also, since the file is probably fragmented over the disk, such an app would read the start address, write data until a sector jump or the end of the file is found, jump to the next sector, write data, etc.

And then you would repeat this step about 10 times to make sure it's fully overwritten. Best is to write 1111111 everywhere, next step write 0000000, next step write 1111, etc.

I think your application would require Ring 0 access under Windows to be able to write low level to disks.

EDIT:
You could also build in "Wipe complete disk" and "Wipe empty space" options. Wipe empty space would take the entire FAT/NTFS table and calculate the positions of all fragments. Ordering the fragments in order of sector number, you could find the empty spaces on the disk. If you wipe those addresses 10 times, that data would be erased. This could be useful if you deleted a couple of important files (probably a large number of files).

Toolmaker


My site
/* -Earth is 98% full. Please delete anybody you can.*/

[edited by - toolmaker on April 15, 2004 5:36:25 AM]

I don't think overwriting with a set pattern (all 1s, then all 0s, or something like that) will actually erase the data to the point where a good lab won't be able to recover it. As long as they know the pattern, they can actually compensate for that. Bits are analogue on the disk. They aren't 1 or 0, they're 0.954 or 0.012. When you write a bit to the disk, a smidgen of the old value gets left there (so writing 1 to a bit with value 0.954 would give you a bit with value 0.958 or something, whereas writing 1 to a bit with value 0.012 would give you 0.905 or something, main point being it's lower than it woulda been if it was overwriting a 1).

Upshot of all that is that you have to overwrite things a LOT of times (iirc at least 8-16) before they become too munged to untangle. Even then if technology improves it might be possible in 10 or 100 years to recover the data... if what I heard is true, the US government disposes of their sensitive-information-storing hard drives by melting them into slag, stirring them up, chipping them, and then burying them inside concrete blocks in a secure area. Possibly they wrap them in bits of alien spacecraft too.

[edit: of course this is for cases when the government of a high-tech superpower is trying to uncover your plans for a doomsday weapon, and 8192-bit encryption just won't cut it. If you just want to stop your mommy undeleting your porn collection by mistake, your approach will be fine. ;]

[edited by - fractoid on April 15, 2004 5:55:37 AM]
I would like to know more about the 'low level' of an HD. What's the difference between that and the normal way to do file handling (i.e. like in C++)?

Looks like if you want to sell your HD, you have to perform a low-level format, then run FDISK and then format to FAT32, etc. HE HE

// Last Attacker \\---=( LA )=---// LA Extreme \\

Are you saying that even if you overwrite data, the overwritten data can still be obtained somehow?

// Last Attacker \\---=( LA )=---// LA Extreme \\

Yes, but the guards/police/cops can't get your data if you use flash RAM :-). Flash RAM is completely and utterly erasable. BTW if you write the following values to a HD in order about ten times:

0, 170, 85, 255

You'll probably scramble the data beyond recognition. The tolerance of the logic chip in a hard disk means that they can only detect 1 and 0, not 0.9512 or 0.1234. One byte of remaining data about your doomsday weapon is useless.

It's very difficult to open a hard disk without causing physical damage too. You'd need an analog HD drive reader to read the data; it is electronically impossible to detect such small fluctuations at the molecular level. Unless you want to use a scanning electron microscope to go through 60GB of data.

How could you create accurate digital data? And unless the data was in digital form you can't use it, so it's a pointless exercise anyway.

Your analog hard drive reader will have to be tuned perfectly to the size of track, and will probably fuck up the disk anyway. Considering each hard drive manufacturer uses different patented technology, you'd be fairly sure to kill your original data.

For low-level disk access use ASM and a DOS boot disk. It's easier than you think to wipe an entire disk. Why not just get an extremely large electromagnet?
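
An added example, not part of any post in this thread: the overwrite-then-delete steps from the first post, run with the 0, 170, 85, 255 pass values listed above, in C with POSIX file calls (the function names are hypothetical). It assumes a file system and drive that rewrite blocks in place, and it only reaches the blocks the file occupies now, so the temp copies and earlier, larger versions raised in the second post are untouched.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Pass values from the thread: 0, 170, 85, 255 (0x00, 0xAA, 0x55, 0xFF). */
static const unsigned char PATTERNS[] = { 0x00, 0xAA, 0x55, 0xFF };
#define NPATTERNS (sizeof PATTERNS / sizeof PATTERNS[0])

/* Overwrite every byte of an open file with one value and force it to disk. */
static int overwrite_pass(int fd, off_t size, unsigned char value)
{
    unsigned char buf[4096];
    memset(buf, value, sizeof buf);
    if (lseek(fd, 0, SEEK_SET) < 0) return -1;
    for (off_t done = 0; done < size; ) {
        size_t left = (size - done) < (off_t)sizeof buf
                          ? (size_t)(size - done) : sizeof buf;
        ssize_t n = write(fd, buf, left);
        if (n <= 0)
            return -1;
        done += n;
    }
    /* Without fsync the OS cache can merge passes so only the last reaches the disk. */
    return fsync(fd);
}

/* Overwrite the file in place `rounds` times with each pattern, then
 * optionally unlink it. Assumption: the file system writes in place
 * (not copy-on-write or log-structured). Returns 0 on success, -1 on error. */
int wipe_file(const char *path, int rounds, int remove_after)
{
    struct stat st;
    int fd = open(path, O_WRONLY);   /* no O_TRUNC: keep the same blocks allocated */
    if (fd < 0) return -1;
    if (fstat(fd, &st) < 0 || !S_ISREG(st.st_mode)) {
        close(fd);
        return -1;
    }
    for (int r = 0; r < rounds; r++)
        for (size_t p = 0; p < NPATTERNS; p++)
            if (overwrite_pass(fd, st.st_size, PATTERNS[p]) < 0) {
                close(fd);
                return -1;
            }
    if (close(fd) < 0) return -1;
    return remove_after ? unlink(path) : 0;
}
```

The file length is left unchanged until the final unlink, so a check of the file after `wipe_file(path, rounds, 0)` should show the same size filled with the last pass value.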

Won't an electromagnet damage your HD while removing its contents?

Please may I ask you to refrain from swearing.

Thanks

EDIT: So if I had to create my little util for deleting, I have to write 0's or 1's to the sectors of the disk like 7 times or something?

// Last Attacker \\---=( LA )=---// LA Extreme \\


[edited by - Last Attacker on April 15, 2004 6:48:43 AM]
Yeah, it probably would. Why are you so interested in this anyway? Your average Joe isn't going to waste his time looking for your old data. Quick formatting just deletes the FAT table; a full format writes the entire disk.

Sorry about the swearing, my excuse is From: Ireland.



[edited by - pkelly83 on April 15, 2004 6:51:54 AM]
You're forgiven.

Anyway, the reason I have an interest in this is that it suddenly became interesting to me. I mean, I always thought that if I called del (DOS) or clicked on 'Delete file' while holding the Shift button down (Windows), I was actually removing the data from my HD.
Let's just say I'm storing this in my head for future reference.

Anyway, thanks for your input man, now I can go and write my little util HE HE!

// Last Attacker \\---=( LA )=---// LA Extreme \\
