Difference between revisions of "Media Sanitizing"

From ForensicsWiki
Jump to: navigation, search
(starting an entry. Needs to pull together the other recovering and tools)
 
Line 1: Line 1:
 
Media Sanitizing is the process of removing data (or removing the ability to extract data) from the media on which it is stored. The two main methods used are Clearing or Purging and Destruction. The method chosen will depend largly on whether the media is required to be reused or recycled. However, care should be taken even with some purging methods, degausing for example can destroy the equipment.
 
Media Sanitizing is the process of removing data (or removing the ability to extract data) from the media on which it is stored. The two main methods used are Clearing or Purging and Destruction. The method chosen will depend largly on whether the media is required to be reused or recycled. However, care should be taken even with some purging methods, degausing for example can destroy the equipment.
  
Gutmann's 1996 paper on [[Recovering Overwritten Data]] suggested that media sanitization (at least by overwriting) was futile as it was always possible to recover the data, although he acknowledged that overwriting multiple times made the  recovery difficult, and perhaps prohibitivly expensive. Later he advised that overwriting twice would suffice for most situations. The need to overwrite multiple times is regarded as a myth by some who point out that this is only possible with extremly expensive laboratory equipment and that there is no software recovery technique which will recover data overwritten even once (if it is in fact overwritten). Joukov Papaxenopoulos & Zadok (2006) [http://doi.acm.org/10.1145/1179559.1179571] on "Secure deletion myths, issues, and solutions" is worth reading.
+
Gutmann's 1996 paper on [[Recovering Overwritten Data]] suggested that media sanitization (at least by overwriting) was futile as it was always possible to recover the data, although he acknowledged that overwriting multiple times made the  recovery difficult, and perhaps prohibitivly expensive. Later he advised that overwriting twice would suffice for most situations. The need to overwrite multiple times is regarded as a myth by some who point out that this is only possible with extremly expensive laboratory equipment and that there is no software recovery technique which will recover data overwritten even once (if it is in fact overwritten). [http://doi.acm.org/10.1145/1179559.1179571 Joukov Papaxenopoulos & Zadok (2006)] on "Secure deletion myths, issues, and solutions" is worth reading.
  
Detailed instructions on media sanitization have been published by NIST as Special Publication 800-88 (2006) [http://csrc.nist.gov/publications/nistpubs/800-88/NISTSP800-88_rev1.pdf]
+
Detailed instructions on media sanitization have been published by [http://csrc.nist.gov/publications/nistpubs/800-88/NISTSP800-88_rev1.pdf NIST as Special Publication 800-88 (2006)]
 +
 
 +
= See also =
 +
* [[Recovering deleted data]]
 +
* [http://csrc.nist.gov/publications/nistpubs/800-88/NISTSP800-88_rev1.pdf NIST as Special Publication 800-88 (2006)]
 +
* [http://doi.acm.org/10.1145/1179559.1179571 Joukov Papaxenopoulos & Zadok (2006)]

Revision as of 18:12, 22 September 2007

Media Sanitizing is the process of removing data (or removing the ability to extract data) from the media on which it is stored. The two main methods used are Clearing or Purging and Destruction. The method chosen will depend largly on whether the media is required to be reused or recycled. However, care should be taken even with some purging methods, degausing for example can destroy the equipment.

Gutmann's 1996 paper on Recovering Overwritten Data suggested that media sanitization (at least by overwriting) was futile as it was always possible to recover the data, although he acknowledged that overwriting multiple times made the recovery difficult, and perhaps prohibitivly expensive. Later he advised that overwriting twice would suffice for most situations. The need to overwrite multiple times is regarded as a myth by some who point out that this is only possible with extremly expensive laboratory equipment and that there is no software recovery technique which will recover data overwritten even once (if it is in fact overwritten). Joukov Papaxenopoulos & Zadok (2006) on "Secure deletion myths, issues, and solutions" is worth reading.

Detailed instructions on media sanitization have been published by NIST as Special Publication 800-88 (2006)

See also