ralph
10/11/2011 8:43:00 AM
On Mon, 10 Oct 2011 19:17:43 -0500, Tony Toews
<ttoews@telusplanet.net> wrote:
>On Mon, 10 Oct 2011 16:08:49 -0500, ralph <nt_consulting64@yahoo.net>
>wrote:
>
>>4) I assume you want to go this extra step to thwart attackers with
>>more sophisticated disk utilities to 'read' any data in these 'free
>>blocks'. Unfortunately many of these utilities can recover data that
>>has been simply overwritten with 1s or 0s. It takes several passes
>>writing random bits to do the job throughly.
>
>Are you sure about that?
Yes.
> Do you know of some utilities that actually
>work that state that?
No reputable Disk Recovery company will provide any kind of guarantee
"sight unseen" except for the common problems like a reformatted HD,
file or partition deletions, a corrupted disk, etc.
I personally know of only one case where data was retrieved after a HD
was deliberately wiped with the open source "Eraser" (IIRC). This was
not done with purchased software, but by sending the disk off to a
company that specializes in such recoveries. I don't know how much
data was recovered and only the vaguest idea of how it was done, but
it led to an arrest and successful prosecution.
I doubt that recovery is 100% successful in all cases and I definitely
doubt the process is anywhere near as easy as they show on TV.
However, I am certain that such recovery requires specialized
equipment and software, and a high level of expertise.
This all leads to the inevitable questions, the same questions that
apply to ANY security issue:
"How secure do you need or want it to be?"
(What's your comfort level and who is the possible attacker?)
"How much effort and expense are you willing to spend to reach that
level of security?"
"How much effort and expense is an attacker wiling to spend to breach
that level of security?"
In the OP's case that means how likely is it the recipient will run a
recovery utility or send the HD to a Forensic specialist? Or how much
embarrassment would result if they did? <bg>
-ralph