[HN Gopher] Overwriting Hard Drive Data: The Great Wiping Contro...
___________________________________________________________________
Overwriting Hard Drive Data: The Great Wiping Controversy (2008)
[pdf]
Author : Tomte
Score : 9 points
Date : 2021-08-29 19:55 UTC (3 hours ago)
(HTM) web link (www.vidarholen.net)
(TXT) w3m dump (www.vidarholen.net)
| chasil wrote:
| Anything wrong with GNU shred on the block device?
| chungy wrote:
| In short, no. Often a plain old zero pass is good enough, but
| shred defaults to doing three random passes and that'll be sure
| to destroy any hopes of recovery.
| jcrawfordor wrote:
| 1) Just a funny fact, the Craig Wright who's first author on this
| paper is _that_ Craig Wright.
|
| 2) This is a good paper on the situation, but as I've mentioned
| before tends to miss the point. The data remanence concern today
| is usually non-volatile caches and remapped sections of the media
| which are not documented or accessible to the host. This problem
| is best known for SSDs but very much exists on modern platter
| drives as well. No number of host-based overwrites will reliably
| overwrite these even once, and the manufacturers do not document
| or disclose the behavior.
| sharikous wrote:
| Would that mean that, hypothetically, a bad actor could
| convince the manufacturer to place sensitive data about you in
| inaccessible parts of the disk? So short of destroying it
| completely, a computer (especially one where permanent storage
| is soldered in) could be assumed to contain anything that was
| stored on it even once?
|
| Well when the government will become very interested in
| hoarding old electronics and registering every facility able to
| destroy them, we should become suspicious.
|
| I would be very relieved to be proven paranoid.
| dzdt wrote:
| And the Dave Kleiman who is second author on this paper is
| _that_ Dave Kleiman, the one who most likely invented bitcoin.
|
| Wright has claimed to be Satoshi Nakamoto but has proven
| himself to be a liar on this topic; by his actions he clearly
| believes that Kleiman controlled the Satoshi butcoin fortune
| before his untimely death.
| nullc wrote:
| Dave Kleiman had absolutely nothing to do with the creation
| of Bitcoin.
|
| Prior to his death Kleiman was IT support staff for a small
| county sheriff's department in Florida. He has no relevant
| expertise -- e.g. the only evidence of Kleiman ever writing
| any program ever was a simple visual basic script to automate
| checking the windows registry for forensic information.
| Literally the only thing remotely suggesting any connection
| is documents from Wright which are provably forged and
| created after Dave's death.
|
| [Wright's forgeries tend to be extremely bad: Stuff like
| changing the year in emails but not fixing the day of the
| week and misspelling Dave's name -- in emails supposedly from
| Dave. Accidentally producing unmodified originals, citing
| laws that didn't exist until years later, using software
| versions that didn't exist until years later, referencing
| URLs on his own domain names that he didn't register until
| years later, accidentally producing "dave"'s private keys in
| discovery ... but they're also extremely numerous, so it's
| easy to get smothered under the total mass of them.]
|
| Wright invoked his former friend in his scheme posthumously
| to solve a specific logistical problem: Wright himself can't
| program (certainly not in C/C++). So in his forgeries he
| included someone who couldn't contradict his stories so that
| Wright could beg off his inability to answer questions as
| "Dave did that part". Fortunately for Wright, it turned out
| that none of the eligible victims asked any hard questions.
| Unfortunately for Wright, Dave's family came after him for
| their share of the fortune Wright claimed they created
| together. Fortunately for Wright, Dave didn't actually help
| him (because neither had early involvement in Bitcoin).
| Unfortunately for Wright, all the easily proved forgeries in
| the case with the estate end up making it look like Wright is
| covering up the involvement to hide what he owes. Wright's
| frogurt is cursed, but also doesn't exist. (So that's good?)
|
| Kleiman isn't the only deceased person that Wright
| involuntarily enlisted into his con-- Wright as also claimed
| that he was aided by Gareth Williams (some MI6 spy that was
| in the news at the time Wright started spinning this yarn)
| and David Rees -- an older academic who was disabled and
| unresponsive in a care home at the time Wright claimed to
| have been working with him.
| anfractuosity wrote:
| Do you mean a type of spinning disk that also has flash memory
| for caching? I thought spinning disks normally used volatile
| memory for the cache?
| jcrawfordor wrote:
| No, platter drives usually don't have nonvolatile cache
| although it's hard to say for sure. Enterprise drives are
| more likely to. The bigger issue with spinning drives is that
| they move data around the platters in ways not disclosed by
| the manufacturers, including both optimizations (writing near
| heads) and error corrections like ending use of problematic
| parts of the platter. These all leave bits of data in "non-
| addressable" parts of the platter.
| anfractuosity wrote:
| Ah, that's interesting. I wonder how hard it'd be to find
| these areas of the disk, I wonder if the location of them
| is stored in some kind of non volatile memory, so the disk
| can easily find them.
| h2odragon wrote:
| Thermite is cheap, fun, and effective.
|
| Fire cleanses all sins.
| YLYvYkHeB2NRNT wrote:
| Are you willing to take that chance when discarding EOL disks?
| swdev281634 wrote:
| Depends on the discarding method.
|
| I format them, and gift to some people around here who could
| make a good use of them (friends, neighbors). Usually, I
| replace disks because I need more storage, the old ones have
| quite a few years of life still left. These people know me,
| getting good hardware for free, and I'm reasonably confident
| they won't sell them to digital forensic experts on e-bay.
| fortran77 wrote:
| I sledgehammer them.
| nullc wrote:
| You probably don't want to believe anything in this: The author
| is a well known scammer/con-artist (Craig Wright) who has a long
| running advanced fee fraud scheme predicated on convincing
| suckers that he created bitcoin and has some secret stash of
| billions that he could get to only if his victims help him with
| some cash flow problems.
|
| He has a long history of using forgeries, faked documents,
| plagiarism, and impersonation in order to pass himself off as
| some kind of credible.
|
| This article is debunked in the "Further Epilogue" of
| https://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html
|
| Moreover, the images of their supposed MFM imaging was just
| copied off a manufacturer's page (
| https://web.archive.org/web/20090418043851/https://www.engr....
| shows another copy on a similarly old page, citing the source) --
| so it seems unlikely that they ever performed any measurements at
| all. A big chunk was plagiarized from an uncited source ("A
| Practical Guide to Scanning Probe Microscopy (1993)")... another
| hallmark of Wright's lame forgeries.
|
| There was a phenomenal twitter thread that went over all this and
| more, but Wright used spurious legal threats to drive the author
| off twitter. The biggest loss was where it pointed out that one
| of the citations in this paper is where they tried to cite Nikola
| Tesla in [20], but used the title of the 1989 album The Great
| Radio Controversy by the rock band Tesla (
| https://en.wikipedia.org/wiki/The_Great_Radio_Controversy ). :P
|
| These days Wright is busy prolonging a lawsuit against a dozen
| former and current Bitcoin developers-- including myself--,
| demanding that they help him compensate for his lack of private
| keys by publishing a backdoored version of Bitcoin in order to
| aid him in taking billions of dollars worth of other people's
| coins, or failing that pay him billions of dollars themselves.
|
| I wouldn't be shocked now if Wright wasn't promoting this article
| because in one of his lawsuits he claimed hackers hid a "wifi
| pineapple" in his home and used it to penetrate his systems and
| then delete his private keys. ... and then before contacting law
| enforcement he completely wiped his systems, helpfully destroying
| evidence that the supposed hack never happened and that the keys
| never existed. So now he's invested in the claim that deletions
| are never recoverable, to cover for his transparent spoliation.
|
| He's now funded by loans taken out against his non-existing
| bitcoin fortune, which likely explains why he's cowardly doing
| everything he can to delay progress in at least five different
| court cases. Presumably the consequences for him will be dire
| when his victims start realizing the funds he promised them next
| existed. Esp because one of the largest sponsors is a former drug
| smuggler who spent a decade on the run on the DHS most wanted
| list.
___________________________________________________________________
(page generated 2021-08-29 23:01 UTC)