> m.roth at 5-cent.us wrote: >> That may be the case, but the laws and regulations still want that level >> of security, due to the regular "one of our people lost a laptop/it was >> stolen, and 7 zillion PII* got stolen!!!" >> >> mark "yes, I am working for the gov't" But not the DoD, let me say. > > the oft-quoted 1995 vintage DoD 5220-22m standard of writing 1010, 0101, > 1111, 0000 then repeating three times was deprecated from the 2001 > edition of the same document. Haven't read that, but I was told seven passes. > > the NIST has a document on data destruction, too... > http://csrc.nist.gov/publications/nistpubs/800-88/NISTSP800-88_rev1.pdf > where table 2-1 says a single overwrite is quite sufficient on most of > today's media... I'd trust the NIST. However, management is often some ways behind reality.... <snip> > I like the bit on page 32 of that document telling the telecommuter how > to smash a drive with a hammer if he doesn't have access to proper > equipment. They were *supposed* to do that on the plane that the Chinese got in what, '01? mark