Hmmm.. on another note I tried to use the Secure Erase DOS utility from the University of California a few days ago on my WD Caviar Blue 640 GB and it said the drive didn0t have that ATA feature (Built-in data shredding which is much faster and secure) implemented.
So how's that for security when this subject is little talked about - and by that I mean that all modern ATA/SATA drives should have the Secure Erase command built-in, but don't, along with the fact that no company alerts the user who sells their used HDD's on ebay or disposes of them, thinking that a simple format or file overwrite is enough ?
I know that the State must love this ignorance because it makes forensic data retrieval a lot easier, but in the end ingnorance is never good for anyone.
[citation][nom]nevertell[/nom]Still waiting for a drive with built-in chip for AES encryption.[/citation]
Touche. Intel has already integrated an AES chip set into their i7 processors which TrueCrypt can see a 5x+ performance gain. However, the problem with encryption is for half the folks they are going to take any kind they get and run with it blind while the other half is constantly paranoid about it doing its job and putting all their eggs in one basket. To that effect TrueCrypt has built up such a reputation that many don't want to use the Intel design even though it's faster because they are paranoid that Intel sabotaged the design and isn't "Secure". It's really an unwinnable battle when you speak about encryption.
However if you combine both Wiping + Encryption it's a pretty solid bet that you will be safe especially if you encrypt a file before performing a DOD 3 execution wipe method. Even that is overkill when it comes to wiping data. Like a good conspiracy theory that is believable, you have to just look past the possibilities and go on living your life with caution and not getting hung up on what may be possible and what isn't, with data it's the same way. I don't think people should fear the government as some mastermind overlords that nothing isn't within their reach.
I think many of you underestimate the effectiveness of modern encryption. Remember that guy that used PGP to secure his kiddie porn a while back, and the government tried to coerce him to give over his password cause they couldn't break it? The government might not use PGP for state secrets, but its good enough to outwit your everyday law enforcement.
My point is, any businesses considering this technology (and any potential home users) don't have enemies powerful enough to break this encryption, and thus, wiping the key is good enough for the foreseeable future. Sure, someone, someday will be able to decrypt the data, but by then, will anyone care (will the data be relevant, will the drive still even exist)?
I know someone who recovers lost hard drive data for a living. You would be surprised how many times something can be overwritten and still recovered. Luckily encryption is previous data dependent. Meaning if you can wipe just 1 character in the current block sequence effectively, then the data is reasonably protected because it will yield vastly different data for the rest of the block, even if all those bytes are successfully recovered.
I cringe everytime I know millions upon millions of dollars of secret research and data is being thrown out on an unsecure drive.
Wipe the key, then wipe the disk. (Or degauss it or destroy it!)
[citation][nom]dextermat[/nom]do you really think the government can't get into a locked hard drive lol.Im pretty sure a good hacker can get into it without you even knowing about it!![/citation]
This isn't Hollywood where you can supposedly crack top-secret uber-encryption in 5 minutes. Modern encryption, properly implemented and using strong keys, is currently impossible (in a single or possibly many lifetimes) to crack.
This won't work in a general business sense simply because many times in the real world when a laptop / desktop has a hardware problem, then the drive is simply swapped into another machine as a loaner (or permanently) to get the user up and running as fast as possible while the other is repaired.
If that drive does what it says, then that option is out and if the machine is not bootable for hardware issues not related to the drive then you are hosed.
So still the better bet is to simply install encryption software such as TrueCrypt or McAfee Endpoint.
This is actually a good concept technology. Its like a glass plate inside a safe that perma-locks it when a safecracker hits it. This results in a rather lengthy brute-force method to break the encryption. Physically breaking/burning hardrives doesn't destroy all the data since there are labs that will disassemble the hard drive and retrieve the data that way.
First thing hackers try to do when they have physical access to the HDD is to remove it and make it into a slave read-only drive thus eliminating any OS passwords or security, or they just clone all the data onto a spare HDD through a piece of hardware and solve at their leisure.
20 lb sledge hammer and a cutting torch and some spot welding, hdd, disc's, bios chips, i feel secure. i find it funny people worry so much about the hdd when every keystroke is recorded on their motherboard. anybody else forget that simple fact, or do you still wipe your hdd after you had your printer whip up something illegal? if you're one of those people i'm laughing.
f-14, I dont know what conspiracy theory school you went to, but your system board does not record every keystroke you make. That "simple fact" as you state is nothing but a stupid comment not only has is not a simple fact, it isnt even a commonly heard BS story.
I have been in the computer industry for 20 years and have NEVER heard something so stupid.