From owner-freebsd-questions@FreeBSD.ORG Fri Jul 20 15:57:51 2012 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2A79E106564A for ; Fri, 20 Jul 2012 15:57:51 +0000 (UTC) (envelope-from cpghost@cordula.ws) Received: from mail-gg0-f182.google.com (mail-gg0-f182.google.com [209.85.161.182]) by mx1.freebsd.org (Postfix) with ESMTP id D706A8FC0A for ; Fri, 20 Jul 2012 15:57:50 +0000 (UTC) Received: by ggnm2 with SMTP id m2so4885619ggn.13 for ; Fri, 20 Jul 2012 08:57:50 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:x-originating-ip:in-reply-to:references:date :message-id:subject:from:to:cc:content-type:x-gm-message-state; bh=n/xzT4eT2UgdQ67sqK1V8FfgljWLluNDoa5gvly0pnQ=; b=ggx1/Kr0SHf5m1f3n7aVSGwQYWFBu7CiDsQEWUCfHzxOwLnvrp92tO4E/WbJYC7mVi jlfE/lDwxqztRfRD6is0MFMggZREJ+wBGBj+jlGZg+Kq5zX4UF0MmFT+Bm/45AI2FZbC vywwI9qEN6tQuwHU/LWu26U+IHWnw54SUWDFkgiaN1zh0I+9hpMc7Guip7dBuqzZVhMf /f4BFn5GMEdSRmettA5bkNdqVqUQAMLFQXSr87iDgQ5KLO1YgL8uhFWXuU9eKxD+M3yU WoZwURzcFZoOYPBb9aQlO0qdDuicMvizR71tZLiOcSQMsODgGxz6l9Jy8KtBa40vTlAC sxcQ== MIME-Version: 1.0 Received: by 10.50.46.231 with SMTP id y7mr8668672igm.21.1342799870081; Fri, 20 Jul 2012 08:57:50 -0700 (PDT) Received: by 10.64.124.41 with HTTP; Fri, 20 Jul 2012 08:57:49 -0700 (PDT) X-Originating-IP: [93.221.171.129] In-Reply-To: <201207190253.q6J2r3p0070058@mail.r-bonomi.com> References: <201207181558.q6IFwM7f033708@fire.js.berklix.net> <201207190253.q6J2r3p0070058@mail.r-bonomi.com> Date: Fri, 20 Jul 2012 17:57:49 +0200 Message-ID: From: "C. P. Ghost" To: Robert Bonomi Content-Type: text/plain; charset=ISO-8859-1 X-Gm-Message-State: ALoCoQll2sS/Ny/GFP0oqdUhEcZ6h1b0k5kaZpEjI10o05kV1z+KbsDaL/m2g4nDLtn2zKtRpO5Z Cc: freebsd-questions@freebsd.org Subject: Re: fsck on FAT32 filesystem? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Jul 2012 15:57:51 -0000 On Thu, Jul 19, 2012 at 4:53 AM, Robert Bonomi wrote: > All I'm going to say is: > 1) There's a _reason_ the gov't requires hard drives with anthing higher > than 'somewhat' classified data on them to be =physically= destroyed > before leving the secure area. Speaking from experience, I confirm that it's true. However, regulations have been tightened further recently as to mandate sector-level encryption of the hard disks as well, just to be on the sure(rer) side. At least in certain particularly sensitive areas. > 2) As of 2007, 'over-writing' data (regardless of how many times) is *not* > sufficient, any more, for _any_ military purposes. Yes. With enough resources, it is possible to read lower magnetic layers of HDDs, at least partially. And with SDDs, it's trivial to locate the old sectors, because their firmware doesn't overwrite the same physical spots for obvious reasons. That's why sector-level disk encryption is paramount nowadays. And that opens a whole new Pandora's box of key management issues and vulnerabilities. ;-) -cpghost. -- Cordula's Web. http://www.cordula.ws/