Memories of a Media Card 266
twistedmoney99 writes "Anyone who has upgraded their digital camera probably has a few older, incompatible media cards lying around — so why not post them on Ebay? Well, if you do, be sure to properly wipe them because the digital voyeurs are watching. Seth Fogie at InformIT.com purchased a bunch of used cards from Ebay and found recoverable data on most of them. Using the freely available PhotoRec application, he was able to extract pictures, movies, and more from apparently formatted cards. The picture is clear — wipe anything that can store digital data before getting rid of it."
Re:Duh (Score:3, Interesting)
Testing the best erase method? (Score:3, Interesting)
What I would like to know is what the most effective method is. Someone should take a bunch of these cards (and harddrives etc) and do a little controlled test to see how much of a photo/file is recoverable after one round of dd, after 10 rounds of dd, etc. In short - what's the most effective (time v.s. security) method for cleaning these things?
NASA's methodology (Score:4, Interesting)
On a side note: When I first started working at NASA we had a budget of well over a million dollars. We got rid of all of the really big mainframes, and minis, and went to micros. Our budget was reduced to somewhere around $500,000.00 a year (about a third of what we originally were given each year). What I'd like to know is - whatever happened to all of that money? We certainly never go pay raises which equaled the amount of money lost. So where did it go? The answer might be a bit more surprising than anyone really wants to know about.
Re:Duh (Score:3, Interesting)
Re:Duh (Score:3, Interesting)
Aych tea tea pea colon slash slash dot dot org slash
h t t p : / / dot . org /
Unless your signature is advertising some link farming site, I think you have a missing slash.
Debian Administration Page. (Score:3, Interesting)
Much of the information in the article about data recovery is also covered by DebianAdministration.org [debian-adm...ration.org]. TestDisk and photorec, are afterall, free software.
Hip, hip hooray!
Re:Memory effect (Score:5, Interesting)
Modern drives now have data densities two orders of magnitude higher than those on which he did his research. Many of those stray effects have been largely eliminated by higher precision electronics.
Picture in your mind how a hard drive works: the head swings left-and-right, and feedback from a servo track tells the arm when it's centered over the desired data track. In the old days, that arm just had to be close enough. Reading overwritten data worked by checking the area around a bit to see if there was evidence of other bits written when the arm was in a different position. This shows up as higher or lower signal strength.
All that slop was robbing the drive of potential places to store data. By making the mechanics more precise, manufacturers are able to squeeze more cylinders onto a platter, and bits on a track. The slop Peter was able to discover has been largely eliminated.
Re:Memory effect (Score:5, Interesting)
The fact that I know people who work in criminal forensics labs and recover data for a living aside, you're obviously set in your opinion. I know however that they can recover data from drives that are more seriously mangled than a simple three pass overwrite. If you want to bet your money or your freedom on your opinion that's one thing, but is it too much to ask that you stop posing yourself as some kind of expert on the subject until you become further educated on the subject?
An aside, BTW; I'm tired of reading of the so-called "DoD specifications" for wiping a hard drive. Yes, they exist in the form of software tools etc. but they're for NON CLASSIFIED DATA ONLY. For top-level classification their specification to ensure data destruction remains to this day in the belly of an incinerator. If you don't want a casual user to recover your data with freely available tools and a few hours of spare time the utilities and methods posed will work just fine. If, however, you don't want your {insert law-voilating material here} to be found by actual law enforcement agents, you'd be best served to turn your hard drive and all memory devices into a molten pile of materials and let them have at it.
Re:speaking of wiping data (Score:3, Interesting)
> simply overwriting it with zeroes, one time over.
For most purposes, this might be perfectly enough.
Certainly an "all-zero" overwrite is far better than a "all-one" overwrite (flash erase operation). But then again it also depends on the controller, because what ends up in the floating gates is what really counts.
See link (below) for some techniques to recover erased or overwritten flash memory. The basic idea is to measure the trapped charge in each cell with higher resolution than just 1/0. In other words: as analog voltage. Since you can't just connect a voltmeter to each gate, you have to trick the read-out circuitry to forward (reveal) this information to you. The document is about how this can be done with some popular chips.
At first these techniques seem to require very invasive access to the memory. But once working, many attacks can be vastly simplified (see TV card scene).
http://www.cl.cam.ac.uk/~sps32/DataRem_CHES2005.p
Regards,
Marc