Vista - Who can crack the Gutmann method?

**PainlessTorture** · 02-06-2009

Hey Guys,
I was reading an article saying how even law enforcement are having trouble reading data erased using Gutmann. I was wondering what your thoughts would be...Do you think the CIA or MI6 etc could get data that has been overwritten by the Gutmann method?

I would be interested in your thoughts. Personally im surprised that law enforcement cant. However the CIA might have slightly more resources

**Dwarf** · 02-07-2009

Given enough time, and the resources to do it, I would have thought that both the CIA and FBI would be able to make some headway into deciphering the data on hard drives no matter what method was used to overwrite the data already on there.
When you overwrite data on a drive, people think that the original data is unaccessible. Wrong. With the right tools and equipment, this data can still be accessed. Normally, the electronics (logic board) on the drive filters out this data (signals created by residual magnetism of data that was written prior to the latest data), classing it as noise and just allows the strongest signal (the most recent data written) to pass through and hence to the computer. By bypassing this circuitry, it is possible to access the raw signals directly from the drive heads and process it to extract this data. The signal level of this data is extremely low, but it is still possible to go back a number of generations although I am not sure how far back it is pheasible to go.

As a result of this, there is only one guaranteed solution for people who wish to permanently erase sensitive data from their drives and that is to physically destroy the drive. This means opening the drive up and destroying the platters so that they may no longer be readable. This can take the form of gouging deep scratches into the platter surfaces or even breaking them up into pieces (or a combination of both). It is no good simply destroying the logic board because, as can be seen from the above explanation, this board is bypassed anyway by the techniques used (and, in any case, this board can be replaced and is actually one of the methods that can be used to ressurect a seemingly dead drive)..

**PainlessTorture** · 02-07-2009

Thanks for your reply Dwarf

**Techymike** · 02-07-2009

They employ people who are known hackers. Hense they are the real techies in this art. Destroying the hard drive is the only true method of privacy! Each time the hard drive is formatted with zeros ther is still a source trace left that can be decrypted even though the numbers have changed on the drive. Data can't be completely removed once written! It just takes major decryption to find it. It is like your IP addy, it is traceable back to you and there is no way around that other then removing the hard link. Coming from a history of lets say questionable SAT testing, that is why I always kept it on a seperate source as not to be traced. Thank goodness those days have passed and all is legit now.

**PainlessTorture** · 02-07-2009

Techymike - I know this already

I was just wondering who would have the resources to crack it? I know a normal person or a criminal wouldn't have the skills or resources to read data that has been sanitized with Gutmann. I don't understand how the data can still be on the hard disk. If that's the case how come we cant use that to store lots more data than the capacity of the HDD?

**Techymike** · 02-07-2009

Once the data is etched in it will always be ther in some sort. It is not generally able to be viewed by typical methods yet think of a microscope probing a magnetic image... there is always a way to pull bits and pieces of data on a used system storage device. It may be scrambled yet it is still there. If you are looking for secure data then it must be completely removed from access as to not allow anyone to view it. I have a collection of hard drives just for that use. MOST have been detroyed as they are no longer of use and completely not traceable anymore. It kind of goes with the story of better safe then sorry! If in doubt then completely remove the threat and be 100% for sure. That is the best advice I can offer. Hard drives are cheap so what cost do you place on your privacy? If there is nothing to hide then do not worry. It is really pretty simple!

Data is like a ball stuffed in a tube and only so many balls will fit in the tube. Once filled there is no more room to add more. It is basic physics.

02-06-2009	#1 (permalink)
PainlessTorture Windows Vista™ Ultimate x64 471 posts	Who can crack the Gutmann method? Hey Guys, I was reading an article saying how even law enforcement are having trouble reading data erased using Gutmann. I was wondering what your thoughts would be...Do you think the CIA or MI6 etc could get data that has been overwritten by the Gutmann method? I would be interested in your thoughts. Personally im surprised that law enforcement cant. However the CIA might have slightly more resources
My System Specs

02-07-2009	#2 (permalink)
Dwarf Vista Home Premium 32-bit & Vista Ultimate 64-bit both Service Pack 2 W7 Pro RTM 7600 32 & 64 2,177 posts	Re: Who can crack the Gutmann method? Given enough time, and the resources to do it, I would have thought that both the CIA and FBI would be able to make some headway into deciphering the data on hard drives no matter what method was used to overwrite the data already on there. When you overwrite data on a drive, people think that the original data is unaccessible. Wrong. With the right tools and equipment, this data can still be accessed. Normally, the electronics (logic board) on the drive filters out this data (signals created by residual magnetism of data that was written prior to the latest data), classing it as noise and just allows the strongest signal (the most recent data written) to pass through and hence to the computer. By bypassing this circuitry, it is possible to access the raw signals directly from the drive heads and process it to extract this data. The signal level of this data is extremely low, but it is still possible to go back a number of generations although I am not sure how far back it is pheasible to go. As a result of this, there is only one guaranteed solution for people who wish to permanently erase sensitive data from their drives and that is to physically destroy the drive. This means opening the drive up and destroying the platters so that they may no longer be readable. This can take the form of gouging deep scratches into the platter surfaces or even breaking them up into pieces (or a combination of both). It is no good simply destroying the logic board because, as can be seen from the above explanation, this board is bypassed anyway by the techniques used (and, in any case, this board can be replaced and is actually one of the methods that can be used to ressurect a seemingly dead drive)..
My System Specs

02-07-2009	#3 (permalink)
PainlessTorture Windows Vista™ Ultimate x64 471 posts	Re: Who can crack the Gutmann method? Thanks for your reply Dwarf
My System Specs

02-07-2009	#4 (permalink)
Techymike Vista Home Premium x64 213 posts	Re: Who can crack the Gutmann method? They employ people who are known hackers. Hense they are the real techies in this art. Destroying the hard drive is the only true method of privacy! Each time the hard drive is formatted with zeros ther is still a source trace left that can be decrypted even though the numbers have changed on the drive. Data can't be completely removed once written! It just takes major decryption to find it. It is like your IP addy, it is traceable back to you and there is no way around that other then removing the hard link. Coming from a history of lets say questionable SAT testing, that is why I always kept it on a seperate source as not to be traced. Thank goodness those days have passed and all is legit now.
My System Specs

02-07-2009	#5 (permalink)
PainlessTorture Windows Vista™ Ultimate x64 471 posts	Re: Who can crack the Gutmann method? Techymike - I know this already I was just wondering who would have the resources to crack it? I know a normal person or a criminal wouldn't have the skills or resources to read data that has been sanitized with Gutmann. I don't understand how the data can still be on the hard disk. If that's the case how come we cant use that to store lots more data than the capacity of the HDD?
My System Specs

02-07-2009	#6 (permalink)
Techymike Vista Home Premium x64 213 posts	Once the data is etched in it will always be ther in some sort. It is not generally able to be viewed by typical methods yet think of a microscope probing a magnetic image... there is always a way to pull bits and pieces of data on a used system storage device. It may be scrambled yet it is still there. If you are looking for secure data then it must be completely removed from access as to not allow anyone to view it. I have a collection of hard drives just for that use. MOST have been detroyed as they are no longer of use and completely not traceable anymore. It kind of goes with the story of better safe then sorry! If in doubt then completely remove the threat and be 100% for sure. That is the best advice I can offer. Hard drives are cheap so what cost do you place on your privacy? If there is nothing to hide then do not worry. It is really pretty simple! Data is like a ball stuffed in a tube and only so many balls will fit in the tube. Once filled there is no more room to add more. It is basic physics.
My System Specs

Similar Threads
Thread	Forum
Re: No CD crack (Ironman)	Vista Games
Method invocation failed because [System.String] doesn't contain a method	PowerShell
vista crack	Vista General
crack for vista	Vista General
A Cost Analysis of Windows Vista Content Protection by Peter Gutmann	Vista General