Difference between revisions of "Media Sanitizing"

From ForensicsWiki
Jump to: navigation, search
 
(4 intermediate revisions by the same user not shown)
Line 1: Line 1:
Media Sanitizing is the process of removing data (or removing the ability to extract data) from the media on which it is stored. The two main methods used are Clearing or Purging and Destruction. The method chosen will depend largly on whether the media is required to be reused or recycled. However, care should be taken even with some purging methods, degausing for example can destroy the equipment.
+
Media Sanitizing is the process of removing data, or removing the ability to extract data, from the media on which it is stored. The two main methods used are Clearing or Purging and Destruction. The method chosen will depend largly on whether the media is required to be reused or recycled. However, care should be taken even with some purging methods, degausing for example can destroy the equipment.
  
Gutmann's 1996 paper on [[Recovering Overwritten Data]] suggested that media sanitization (at least by overwriting) was futile as it was always possible to recover the data, although he acknowledged that overwriting multiple times made the  recovery difficult, and perhaps prohibitivly expensive. Later he advised that overwriting twice would suffice for most situations. The need to overwrite multiple times is regarded as a myth by some who point out that this is only possible with extremly expensive laboratory equipment and that there is no software recovery technique which will recover data overwritten even once (if it is in fact overwritten).  [http://doi.acm.org/10.1145/1179559.1179571 Joukov Papaxenopoulos & Zadok (2006)] on "Secure deletion myths, issues, and solutions" is worth reading.
+
Gutmann's 1996 paper on [[Recovering Overwritten Data]] suggested that media sanitization (at least by overwriting) was futile as it was always possible to recover the data, although he acknowledged that overwriting multiple times made the  recovery difficult, and perhaps prohibitivly expensive. Later he advised that overwriting twice would suffice for most situations - See [[Epilogue to Gutmann's 1996 paper]]. The need to overwrite multiple times is regarded as a myth by some who point out that this is only possible with extremly expensive laboratory equipment and that there is no software recovery technique which will recover data overwritten even once (if it is in fact overwritten).  See [http://doi.acm.org/10.1145/1179559.1179571 Joukov Papaxenopoulos & Zadok (2006)] on "Secure deletion myths, issues, and solutions"
  
 
Detailed instructions on media sanitization have been published by [http://csrc.nist.gov/publications/nistpubs/800-88/NISTSP800-88_rev1.pdf NIST as Special Publication 800-88 (2006)]
 
Detailed instructions on media sanitization have been published by [http://csrc.nist.gov/publications/nistpubs/800-88/NISTSP800-88_rev1.pdf NIST as Special Publication 800-88 (2006)]
  
 
= See also =
 
= See also =
 +
== ForensicWiki ==
 
* [[Recovering deleted data]]
 
* [[Recovering deleted data]]
* [http://csrc.nist.gov/publications/nistpubs/800-88/NISTSP800-88_rev1.pdf NIST as Special Publication 800-88 (2006)]
+
* [[Epilogue to Gutmann's 1996 paper]]
* [http://doi.acm.org/10.1145/1179559.1179571 Joukov Papaxenopoulos & Zadok (2006)]
+
*[[Sanitizing Tools]]
 +
 
 +
== External ==
 +
* [http://csrc.nist.gov/publications/nistpubs/800-88/NISTSP800-88_rev1.pdf NIST Special Publication 800-88 (2006)] Guidelines for Media Sanitization
 +
* [http://doi.acm.org/10.1145/1179559.1179571 Joukov Papaxenopoulos & Zadok (2006)] Secure Deletion Myths, Issues, and Solutions (subscription is necessary for full text)

Latest revision as of 18:22, 22 September 2007

Media Sanitizing is the process of removing data, or removing the ability to extract data, from the media on which it is stored. The two main methods used are Clearing or Purging and Destruction. The method chosen will depend largly on whether the media is required to be reused or recycled. However, care should be taken even with some purging methods, degausing for example can destroy the equipment.

Gutmann's 1996 paper on Recovering Overwritten Data suggested that media sanitization (at least by overwriting) was futile as it was always possible to recover the data, although he acknowledged that overwriting multiple times made the recovery difficult, and perhaps prohibitivly expensive. Later he advised that overwriting twice would suffice for most situations - See Epilogue to Gutmann's 1996 paper. The need to overwrite multiple times is regarded as a myth by some who point out that this is only possible with extremly expensive laboratory equipment and that there is no software recovery technique which will recover data overwritten even once (if it is in fact overwritten). See Joukov Papaxenopoulos & Zadok (2006) on "Secure deletion myths, issues, and solutions"

Detailed instructions on media sanitization have been published by NIST as Special Publication 800-88 (2006)

See also

ForensicWiki

External