[Cryptography] Magnetic media destruction question

Kent Borg kentborg at borg.org
Thu Jan 8 19:17:16 EST 2026 

On 1/7/26 1:59 PM, John Levine wrote:
> T-7 is about shredding magnetic media, not paper.  I don't see what relevance that has.

Thank you.


> The spec says that T-7 shreds magnetic media into chips no larger than 2.5mm�.  I agree
> that it seems implausible that one could recover data from those.

Given crazy disk densities, I can imagine that there might be 
recoverable data on that. And, as erased data isn't necessarily erased, 
maybe there is some strategy for recovering files that get copied and 
more than once? Maybe it is a bit like piecing together DNA sequences.

Were I paranoid about such things I would be happy with the current 
shredding size, but then insist on some post processing step. Heat? A 
caustic solvent? Stirring a cooking slurry of said?

It is possible that the benefit of shredding is the destruction if data 
where the cuts are made not in the jigsaw puzzle of the remaining bits.


Not that this answers the original question: What has prompted this?


As for wiping data I like the approach of storing lots of high quality 
random data and then read it back out, the only way the storage device 
can regurgitate the data correctly is by honestly storing it. Do this 
repeatedly and any old data that could be recovered has to be small, or 
the device is leaving too much capacity unsold. But the approach I 
really like is full disk encryption. I am suspicious of letting the 
device claim to do the encryption, so I like the idea of the opensource 
OS doing it. (And no Microsoft tricks of not encrypting because the 
device said it will do it.)


I have long done full-disk encryption of my laptops, but what about the 
boot partition? Only with my most recent machine have I done 
/full/-full-disk encryption: I don't have boot partition, the machine 
(as it sits in the hotel room awaiting the evil main) is not bootable at 
all. I boot with a tiny external thumbdrive I keep separately. There is 
still plenty the evil made can do, no doubt.

To prove to some security person that it is a working computer (do they 
still do that?) boot from a "live CD" thumbdrive and don't decrypt the 
internal storage at all.


-kb, the Kent who doesn't think anyone is really after his data 
(excepting that time he visited China), but who crafts his personal 
security as more of an intellectual exercise.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.metzdowd.com/pipermail/cryptography/attachments/20260108/7a29395b/attachment.htm>

More information about the cryptography mailing list