An Independent Study for Deliberate Malicious Code?

[Interesteduser]

Hello, i was wondering if such a study had been implemented or if any technically educated users had looked into Eraser's source code itself. I was interested in possible malicious code in Eraser, as well as other programs for free space deletion, its competitors, etc... This is not at all meant to be an insult to the developers of Eraser, but to inquire for non technically proficient end users to see for themselves (or at least how it appears in the opinion of others).

I greatly appreciate your help and if such a study or forum thread exists, on Eraser, as well as other free space deletion programs, please direct me.

I'm greatly interested in the privacy aspect, as we are all really endowed by our creator the right to live in privacy...


-An Interested User


(as a side question: Eraser claims to make all recovery of the deleted data impossible to recover (ie all software recovery methods) albeit physically examining the hard disk. Could someone perhaps elaborate more on what specifically this means and how Eraser's developers and pioneers of this technology ascertain that the overwritten data is absolutely irrecoverable, albeit physical examination.)

Thank you so much

 

[Joel]

Hello, i was wondering if such a study had been implemented or if any technically educated users had looked into Eraser's source code itself.

Perhaps -- but none have actually informed me about it.

I was interested in possible malicious code in Eraser, as well as other programs for free space deletion, its competitors, etc... This is not at all meant to be an insult to the developers of Eraser, but to inquire for non technically proficient end users to see for themselves (or at least how it appears in the opinion of others).

Indeed, that's why Eraser's source code is publicly published for all to see. Whoever wishes to investigate our techniques and code is free to do so.

(as a side question: Eraser claims to make all recovery of the deleted data impossible to recover (ie all software recovery methods) albeit physically examining the hard disk. Could someone perhaps elaborate more on what specifically this means and how Eraser's developers and pioneers of this technology ascertain that the overwritten data is absolutely irrecoverable, albeit physical examination.)

"Physical examination" involves the disassembly of a hard disk and examining the disk surface using technologies such as Magnetic Force Microscopes to determine the actual magnetic configuration of the disk. This would allow the adversary to determine the data on the disk. A few years ago, the data format on the disk and the data format on disks now differ, hence the need for the original Guttman erasure method. There is currently no evidence that on a modern (say, <5 year old) drive with data overwritten with more than one pass can have data effectively recovered in more than one way. Even when Guttman's paper must published (in 1997) the probability of anyone using physical examination was quite remote as one would need to be very well-funded to do this.

"Software recovery" would usually rely on the operating system and the disk itself to read back its own data, even if deleted. This is defeated by simply overwriting a file with one pass of random data on modern drives.

Eraser works with certain assumptions about what the OS would do when writing a file. In the case of a file with allocated space, the OS usually reuses the allocated space before reallocating more space for the file. Thus, overwriting the portions of the disk which was consumed by a sensitive file becomes possible. Nevertheless, this is a simplified picture. Modern OSes have many tricks up their sleeves in terms of data storage, and Eraser tries to work with them where possible, or raising an error where erasure is deemed impossible.