[prev in list] [next in list] [prev in thread] [next in thread] 

List:       racf-l
Subject:    Re: Definitive erase - not easy...
From:       Ed Gould <edgould1948 () COMCAST ! NET>
Date:       2007-08-29 0:30:13
Message-ID: F7613797-7CAB-4585-8168-1347C9DF4560 () comcast ! net
[Download RAW message or body]

On Aug 28, 2007, at 2:38 PM, Gary Green wrote:

> Even if writing over the "data" 3 or 4 times should work, how could
> you be assured the data you wrote was actually written to the same
> location the data you need to destroy was in that same physical
> location?
>
> With the new controllers, everything could be virtual and only
> backed up, written, to real disks by the controller when it gets
> around to it; depending on "factors". Internally, to the
> controller, there is nothing more than a series of pointer tables
> which map to real "drives" and the real data could be anywhere.
> When you rewrite the data, the in-memory table entry for the. let's
> say, cylinder, is updated with the new location of the data that
> gets written to a disk drive; which may or may not be the same
> drive the data it replaced was on.
>
> Sorry about the confusing description.  I could do better if I was
> not in a hurry at the moment.
>
>
>  On Tue Aug 28 14:45 , Mautalen Juan Guillermo
> <jmautalen@ANSES.GOV.AR> sent:
>


Gary,

There is at least one person on the list here that used to work for
IBM in the DASD area who could probably answer it definitively.
Having said that there is of course a real difference when it comes
to a SLED (real dasd) or an array type dasd unit. The question
probably should be rephrased to indicate a SLED or "array" drives.
Side story.. I knew an IBMer who worked out of the White House during
the Nixon fiasco. He was able to reconstruct some of the email on a
VM system that later helped convict the administration. He did *NOT*
go into the details needed in this conversation how he was able to
reconstruct it. It was a don't ask type of conversation. This is
*NOT* the same person who I mentioned in the first paragraph.
There are all sorts of rumors that intelligence agencies can do X or
Y I would be strong suspect of any claims, myself or anyone claiming
to "know" as it would be a ultra top secret type of info and you
basically cannot trust anyone who says he speaks authoritatively.

I would probably read the FDR product that zero's out dasd and use
that as a basis for any extremely basic understanding of security. If
they claim that that their product is approved by the DOD I would
take their word and pass it to an auditor and let him/her make the
decision.
Ed
[prev in list] [next in list] [prev in thread] [next in thread]