• elucubra@sopuli.xyz
    link
    fedilink
    English
    arrow-up
    14
    ·
    14 hours ago

    A megafuckhuge IT corp who deals in data doesn’t have backups, right, RIGHT???

  • Drusenija@aussie.zone
    link
    fedilink
    English
    arrow-up
    8
    ·
    20 hours ago

    The fact that clicking the link takes you to a 404 page definitely helps with the whole “accidentally” bit.

    Anyone know if the story turned out to be false and got deleted or if it’s just a dud link?

  • fmstrat@lemmy.nowsci.com
    link
    fedilink
    English
    arrow-up
    90
    ·
    2 days ago

    Important context:

    • Data was recovered
    • Plaintiff does not believe it was purposeful
    • Cost plaintiff a week’s work
    • Plaintiff has already spent 150 hours going through data
  • elucubra@sopuli.xyz
    link
    fedilink
    English
    arrow-up
    25
    ·
    2 days ago

    In Spain, in a major political corruption trial, a party turned in as evidence some drives that had been erased by Dban 7 times. They argued that it was routine to do seven passes.

      • mosiacmango@lemm.ee
        link
        fedilink
        English
        arrow-up
        9
        arrow-down
        1
        ·
        edit-2
        2 days ago

        It’s an option, but not the default. It takes forever to run, so someone using it is being very intentional.

        It’s also considered wildly overkill, especially with modern drives and their data density. Even a single pass of zeros, the fastest and default dban option, wipe data at a level that you would need a nation state actor to even try to recover data.

        • Saik0@lemmy.saik0.com
          link
          fedilink
          English
          arrow-up
          12
          arrow-down
          1
          ·
          2 days ago

          so someone using it is being very intentional.

          Not if you’re used to taking DoD requests. It was my default for a very long time because I simply defaulted to it for compliance reasons.

          It’s also considered wildly overkill

          Absolutely is. Doesn’t mean that people like me aren’t out there in droves.

          But SSDs make this all moot and HDD are being phased out of many environments. SSDs with chucking the key is more than sufficient as well.

          • mosiacmango@lemm.ee
            link
            fedilink
            English
            arrow-up
            5
            ·
            edit-2
            2 days ago

            DoD dropped it 7 and 3 pass requirements in 2006.

            Later in 2006, the DoD 5220.22-M operating manual removed text mentioning any recommended overwriting method. Instead, it delegated that decision to government oversight agencies (CSAs, or Cognizant Security Agencies), allowing those agencies to determine best practices for data sanitization in most cases.

            Meanwhile, the U.S. National Institute of Standards and Technology (NIST), in its Guidelines for Media Sanitization of 2006 (PDF), stated that “for ATA disk drives manufactured after 2001 (over 15 GB) clearing by overwriting the media once is adequate to protect the media.” When NIST revised its guidelines in late 2014, it reaffirmed that stance. NIST 800-88, Rev. 1 (PDF) states, “For storage devices containing magnetic media, a single overwrite pass with a fixed pattern such as binary zeros typically hinders recovery of data even if state of the art laboratory techniques are applied to attempt to retrieve the data.” (It noted, however, that hidden areas of the drive should also be addressed.)

            For ATA hard disk drives and SCSI hard disk drives specifically, NIST states, “The Clear pattern should be at least a single write pass with a fixed data value, such as all zeros. Multiple write passes or more complex values may optionally be used.”

            • Saik0@lemmy.saik0.com
              link
              fedilink
              English
              arrow-up
              5
              arrow-down
              2
              ·
              edit-2
              2 days ago

              Congrats? DBAN was made prior to 2006… IT people existed before 2006. What’s your point? You think that people just spawned into existence in 2006 with decades of IT knowledge? So like I said… “It WAS my default for a very long time because I simply defaulted to it for COMPLIANCE reasons”… eg. my contracts at the time required it and I ran boatloads of wipes.

              Regardless… DOD 5220.22-M now states

              The National Industrial Security Program Operating Manual (NISPOM) is now Part 117 of Title 32, Code of Federal Regulations.

              So let’s go look at the NISPOM stuff which says… NOTHING! So what you end up with is companies referencing the old DOD 5220.22-M because old government contracts will actually say that specific document in contracts as something that must be adhered to for a long long time. So even though it “died” on 2006, contracts may not be renewed for some time after that which still keeps the document alive.

              Now DOD 5220.22-M actually specified and defines short wipes (3 pass) and long wipes (7 pass). And in theory, could be superceded by NIST 800-88 (and probably is the default on modern contracts). And regardless of all of that… DoD internally has it’s own standards, which after wipe often requires degaussing or outright destruction of the disk, I remember having a dedicated device for it that would document serials and stuff. I’d have to pull up my army documents to remember which specific rules required that type of stuff, but I’m not going to dig out shit from 2010 just to argue with someone on lemmy.

              So I guess this boils down to… The world didn’t spawn into existence in 2006. People are older than 2006 and are allowed to talk about their experiences from before the “old times”.

              Edit: And in current contracts… all our shit is NVMe and secure erase. But I’m willing to bet muscle memory would still kick in for me if I saw the DBAN screen.

              • sugar_in_your_tea@sh.itjust.works
                link
                fedilink
                English
                arrow-up
                2
                ·
                edit-2
                1 day ago

                And honestly, if you’re going to do a single pass, might as well do multiple. It doesn’t take any more of my time for 1 pass vs 7, assuming I only have a handful to do. I’ll probably just start one before I leave for the day, swap to another when I come in, and repeat until the pile is cleared.

                If something is worth doing, and overdoing doesn’t take any extra effort, I’ll overdo it.

                • Saik0@lemmy.saik0.com
                  link
                  fedilink
                  English
                  arrow-up
                  3
                  arrow-down
                  1
                  ·
                  1 day ago

                  That was basically the workflow. On smaller drives you could do one when you get in, one at lunch and one before you left. Eventually drives got large enough that it was just once in the morning and once before leaving.

                  I’ll overdo it.

                  Half the contracts you didn’t know if they wanted the short wipes or long wipes. So you just do long wipes to cover your ass. It’s not like there was a rush, it was a simply menial task that became a second nature set of bashing the keyboard. Like typing some of my passwords and pins… I have no fucking clue what they are anymore… but put in front of the keyboard and I can type them by muscle memory.

              • mosiacmango@lemm.ee
                link
                fedilink
                English
                arrow-up
                1
                ·
                edit-2
                1 day ago

                I’m discussing this comment :

                https://sopuli.xyz/comment/13141026

                the one that you initially replied to talking about recent Spanish court case where the defendants used a 7x wipe on some drives that were required to be retained as evidence.

                Im well aware sysadmins existed before 2006, and also don’t see how that’s relevant in context. Security practices change over the course of 18 years in IT, as they have for secure wiping data.

                • Saik0@lemmy.saik0.com
                  link
                  fedilink
                  English
                  arrow-up
                  2
                  arrow-down
                  2
                  ·
                  1 day ago

                  So am I. I’m not sure what you think wasn’t relevant. It’s a literal DoD spec. Yes that spec is outdated, but it’s still in Dban.

                  You coming out of nowhere talking about how the DoD spec itself is “dead” doesn’t change the fact that it’s available and probably still used by many people out there. I’m willing to be that several companies have the old DoD spec embedded in their own SOPs. And I was always talking in the context of the contract work I did long ago which WAS to the old DoD spec regardless.

        • hemko@lemmy.dbzer0.com
          link
          fedilink
          English
          arrow-up
          5
          ·
          2 days ago

          Okay so what you think is wildly overkill, is about 10% of the effort some organizations go through to make sure data is not restoreable.

          • mosiacmango@lemm.ee
            link
            fedilink
            English
            arrow-up
            7
            ·
            edit-2
            2 days ago

            My org shreds discs entirely with a mechanical grinder, so I’m well aware of overkill.

            Multiple overwrites being unnecessary isnt really an opinion. Here is the company that owns dban agreeing with security orgs like NIST, that anything past 1 write is unnecessary. .

            I think the issue comes down to whether the org in question does that 7 passes consistently on all discs, or if it just so happened to start that policy with those that had evidence on them.

            • Saik0@lemmy.saik0.com
              link
              fedilink
              English
              arrow-up
              2
              arrow-down
              2
              ·
              1 day ago

              I think the issue comes down to whether the org in question does that 7 passes consistently on all discs, or if it just so happened to start that policy with those that had evidence on them.

              No? If 1 is sufficient, any additional shouldn’t matter in any considerations at all. Could have simply been somebody who hit the preset on accident.

  • RubberDuck@lemmy.world
    link
    fedilink
    English
    arrow-up
    42
    arrow-down
    1
    ·
    2 days ago

    Then the assumption should be the most damning scenario for open AI that this evidence could provide.

          • GiveMemes@jlai.lu
            link
            fedilink
            English
            arrow-up
            2
            ·
            2 days ago

            Are you actually educat3d on this or just saying things? Because I’m asking bc idk

            • Voroxpete@sh.itjust.works
              link
              fedilink
              English
              arrow-up
              13
              ·
              2 days ago

              So, I had to double check myself on this one, and my original answer wasn’t entirely correct.

              If it is found that the destruction of evidence was intentional then yes, the jury can be instructed to view the missing information in the least favorable light, or a case can simply be outright dismissed or a default judgement entered.

              However even in the case of “accidental” (ie, not provably intentional) deletion the court can still take various measures to redress the balance in some way.

              I am not a lawyer but this guy is - https://joneskell.com/how-spoliation-of-evidence-impacts-litigation/

                • jaxxed@lemmy.world
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  14 hours ago

                  Keep in kind that there is a geopolitical orientation in law. What is written here may not apply in all regions, nor all types of legal procedure.

            • chiliedogg@lemmy.world
              link
              fedilink
              English
              arrow-up
              2
              ·
              edit-2
              2 days ago

              Failing to preserve evidence is sacntionable, even if it isn’t willful destruction. The penalties generally aren’t as stiff, but if the judges accepted “Oopsie, we accidentally destroyed evidence we were required to preserve” as a defense, there would be an incentive to destroy evidence and claim it was an accident.

              The fact that most companies still turn over evidence that’s damning to their own cases is the proof that it’s generally a bad idea to accidentally destroy evidence.

              Look at it another way: If you’re speeding and get pulled over, would a judge let you off if you tell him you were only doing 70 in a 35 because you weren’t paying attention to the road?

        • NounsAndWords@lemmy.world
          link
          fedilink
          English
          arrow-up
          3
          ·
          2 days ago

          It depends on the court and the judge/jury instructions but even accidental spoliation (destruction) of evidence can result in an adverse inference.

  • HailSeitan@lemmy.world
    link
    fedilink
    English
    arrow-up
    18
    arrow-down
    1
    ·
    2 days ago

    Journalistic malpractice to repeat their “accidentally” claim without attribution or quotes