On 2016-01-05 15:56, Terry Stewart wrote: 200 disks, especially if they weren't in great shape, can take some time. I assume they wanted full data recovery using all possible means, plus conversion of all the documents to a modern format. With one-of-a-kind stuff, you don't have the luxury of experimenting and playing around with it. You have to make sure you aren't destroying them further while trying to read them- sometimes you only get one chance and the mylar coating comes right off. After that, it's over. -- -- Pete Rittwage Disk Preservation Project http://diskpreservation.com

Attempting to read floppies with the wrong kind of drive can also cause damage. Back in the day, people were all aflutter about drive rings and how having them or not having them caused damage when they read the floppy in a 'foreign' setting. There were rumors about head clearance and such also being an issue when newer drives were used to read older floppies, but I never could find someone that was actually affected by it. Warner On Tue, Jan 5, 2016 at 2:07 PM, Terry Stewart <terry at webweavers.co.nz> wrote:

On 01/05/2016 01:21 PM, Fred Cisin wrote: IIRC, it was several, mostly Japanese. I'd have to go back to my notes --Chuck

On January 5, 2016 3:30:11 PM CST, Ethan Dicks <ethan.dicks at gmail.com> wrote: so, is it believed that that is a picture of an actual machine involved? because that machine looks EXACTLY like a CP/M machine we built here in MN around 1979 at a company called Multi-Tech Systems (the modem people). It was a clone of a design done by another company called R2E which I seem to remember being French. The system initially used Micropolis 77 track, 100 TPI drives and a Micropolis controller design that was also used in Vector Graphic machines. Toward the end of that product's life at Multi-Tech, it had been upgraded to a GCR controller, with the same drives, and that controller had more horsepower than the host machine it plugged into :-). Machine was called MT-500 and was 64K Z80 at 4 MHz with (4) S-100 slots on the single board. Video was 8275 CRT controller and the tubes were usually amber. I still have one of these machines but without the ~40 lb cabinet it was usually built in. Sure looks similar to me. -- Chris Elmquist

On Tue, Jan 5, 2016 at 4:24 PM, Lyle Bickley <lbickley at bickleywest.com> wrote: Since the article in PC world mentioned that most of the floppies were "in CP/M format", and I know there are many possible ways to make flux transitions on spinning rust, I totally get that it can take some time to figure out where the actual bits are on the medium, but once you have the data portion of the sectors on a modern machine, CP/M wasn't all that complicated, and IIRC, files were on sequential blocks once they started (not scattered about such as with most modern filesystems), knowing that you were starting with something based on CP/M, what was so obscure that it took months to untangle that part? -ethan

Since this thread has been focused on Floppy media, my assumption is that writing all zeros does not refer to a hard disk drive. Is my assumption incorrect? I have a (exactly!!) one GB file with all zeros (obviously not a floppy) on my hard drive. If I fill the remaining storage with copies of this file, does that eliminate recovery from that portion of the hard drive? And since I have two physical hard drives, copying from a one GB file from one physical drive to the other physical drive usually takes only about one minute, so it would be quite an efficient method to destroy any old data. Jerome Fine

On 01/05/2016 03:00 PM, Fred Cisin wrote: I recall reading (back in the 90s, that various labs were fooling with this wrt hard disks of the timeand that any success was extremely small potatoes. i.e. maybe a kilobit per hour and not 100% by any means. We have easier ways now, thanks to the Patriot Act. More personal. When folks would ask me how to completely erase a hard disk, I suggested that bashing it to junk using a good sledge hammer or running it through a log chipper then burning the pieces was a good start. On the other hand, simply shredding floppies isn't good enough. There was an old "The New Explorers" program on putting floppies back together and getting data. I know the people who did it--in one of the shots in the background, you can see Anadisk running. I suggest letting floppies soak for a week in a barrel of diesel, then setting fire to them should do the trick. The old maxim of "you don't know what you've got 'til it's gone" applies to data recovery as well. --Chuck

Is there really an application for which multiple overwrites are called for but for which thermite is not a better answer? It seems to me that if the data are risky enough that you have to worry about anyone opening the drive in a cleanroom and trying palimpsest magnetic-pattern recovery, surely new drives are cheap enough that the security of melting the drive into a puddle of liquid metal is easily worth the cost. But, of course, I don't work in that space, so it's entirely possible I'm just missing something. /~\ The ASCII Mouse \ / Ribbon Campaign X Against HTML mouse at rodents-montreal.org / \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B

On 01/07/2016 09:36 AM, Fred Cisin wrote: The paper that got the most notice was from Peter Gutmann from the early 90s. https://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html --Chuck

----- Original Message ----- From: "Fred Cisin" <cisin at xenosoft.com> To: "General Discussion: On-Topic and Off-Topic Posts" <cctalk at classiccmp.org> Sent: Thursday, January 07, 2016 1:58 PM Subject: Re: Floppy recovery Well, if you don't have access to thermite or even a large sledgehammer then this recommendation of his might be a cost-effective solution: http://www.diskstroyer.com/Home.html Even if you do have that sledgehammer this might be useful as a preprocessing step before final treatment with the aforementioned hammer. I'm fortunate in already having some of the tools in this kit and some experience in their use and I can highly recommend this technique, not only for data destruction but also for relaxation and a source of various unique parts. I wonder how many of those clocks made from HD platters contain sensitive information; definitely something else to worry about... ;-)

Actually, red heat is well above the Curie temperature for most media, isn't it? You could chuck the platters into the coals of a bonfire, let them get up to a nice cherry red. Depending on what the platters are made of, this might even melt them, which should effectively destroy any organization in the material that once formed a thin film on them. If not, it should demagnetize the coating.... /~\ The ASCII Mouse \ / Ribbon Campaign X Against HTML mouse at rodents-montreal.org / \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B

What's wrong with the "disassemble and rend with heavy hammer" approach? Doesn't that render the platters un-readable, if done with sufficient ardor? On Thu, Jan 7, 2016 at 5:09 PM, Stefan Skoglund (lokal < stefan.skoglund at agj.net> wrote:

On Thu, 7 Jan 2016, drlegendre . wrote: Bending the platters will keep them from turning and being usable in the drive, but does NOT prevent various other imaging methods. Breaking a platter in half doesn't prevent those techniques. Shattering a glass platter into dozens of pieces doesn't prevent those techniques. breaking it into tiny bits may or may not depending on how much effort somebody is willing to put into identifying where each piece came from in the platter. High heat should work. Sanding all of the rust off of the platter should work. Mailing the drive to a government office, with a note saying, "please help me recover the pictures of my grandmother's birthday party", and having it lost in their mailroom might work.

On Thu, 7 Jan 2016, Charles Anthony wrote: Label the one next to yours: CONFIDENTIAL : TOP SECRET or label the one next to yours: TAX RECEIPTS, and label your drive: REAL TAX RECEIPTS If you were to label your enemy's drive ISIS, CHILD PORN would that consume enough resources that they don't bother with yours?

On 01/07/2016 08:17 PM, jwsmobile wrote: There are several Youtube clips of these things in operation, including one that's being fed vintage Macs. --Chuck

Oh yes, one of my favorite topics. I get a lot of questions where people refer to "the DoD wiping standard". Unfortunately, there isn't one. There are some very old documents that give suggestions, but those seem to have expired long ago. Gutmann's document is similarly old. Any decade-old rule suffers from the fact that drive technology has changed drastically, and considerations that were valid then are no longer valid. Gutmann did great work at the time, and his contribution deserves to be honored, but it has very much been superseded by technology change. Tracks are so much smaller and margins so tiny that multiple erasures don't add much if anything. On the other hand, block replacement, and especially the write remapping done by SSDs, can leave stuff in places you can't even see until you take the device apart. In fact, hard drives are not much of an issue, but SSDs should make you worry. Incineration should work, but use enough heat. Shredding is questionable, unless the particles are very small. I think high end shredders are required to produce particles less than 1/32 inch in size. Much more recent work on erase was done by Gordon Hughes at UCSD. See http://cmrr.ucsd.edu/people/Hughes/secure-erase.html for more. If you want data security and don't like destroying your hardware, SED ("self-encrypting drives") are a solution. Those encrypt all data, and "erase" by discarding and replacing the data encryption key. So all your sectors instantly turn to random noise. SSD versions of those are starting to appear, which addresses the invisible old copies problem that regular SSDs have. The great thing of an SED is not just the security of its erase function, but in particular the speed: it takes only seconds to destroy all the data on the drive. paul

True. I know of at least one first generation SED that uses ECB mode. Anyone who has looked at IEEE 802.11 knows that cryptographic competence is not common, and that some of the people designing cryptosystems are not only unqualified to do so, but sufficiently ignorant that the aren't even aware that they aren't qualified. With SEDs as with any other security tool, one has to be sceptical and ask very pointed questions. For example, with the SSD kind, I probed deeply into how the key is replaced in a "crypto erase" operation, down to the level of the flash memory primitives involved. The particular implementation I looked at had the correct answers. The key here is the use of signed firmware, which I believe is the normal practice. With that, it's not just a matter of reverse engineering, the attacker would also have to steal the firmware signing key. Agreed. I've been a TrueCrypt user ever since DriveCrypt went off track. Maybe so. But you can definitely make things much harder, which is worth doing. paul

I don?t know if it?s typical or not, but every company that I?ve worked for that has managed crypto-keys has taken key security *very* seriously. For example, the key generating system (usually something custom) is kept in an ?air gapped? vault (and I *do* mean vault). The vault can only be opened when two authorized individuals are present (ie neither one can get into the vault without the other). Everything is tracked and audited on a regular basis. One big semi-conductor company does it this way (I have personal knowledge). I also helped set up this type of crypo-key management for one of the startups I worked for once upon a time (even to the point where they crypto-key hardware would ?self destruct? if tampered with?sorry no sparks, smoke or other visual aids?it just erased itself). TTFN - Guy

Probably. ;-) Agree. In the cases I?m aware of they do both. ;-) TTFN - Guy

On Thu, Jan 7, 2016 at 1:33 PM, Mike Stein <mhs.stein at gmail.com> wrote: Easiest? Throw some money at having someone do the work for you. Grant at http://altairkit.com says that he used these people to scan and replicate some vintage PCBs: http://www.mhtest.com/scanning.shtml No idea how much that costs. Probably in the if you have to ask you can't afford it range.

I threw it to 50-50 when I weighed in the possibility that he might find an organization willing to pay him something ridiculous to have the archive posthumously. If that doesn't happen, yeah, 90-10. On Tue, Jan 5, 2016 at 4:58 PM, Rich Alderson < RichA at livingcomputermuseum.org> wrote:

On Tue, Jan 5, 2016 at 4:58 PM, Rich Alderson <RichA at livingcomputermuseum.org> wrote: -ethan