RSS

The Great Zero Challenge Remains Unaccepted

Sat, 6th September 2008, 20:13

Note: This was originally a challenge put on by http://16systems.com/zero/index.html -- not Hostjury.

 

Q. What is this?

A. A challenge to confirm whether or not a professional data recovery firm or any individual(s) or organization(s) can recover data from a hard drive that has been overwritten with zeros once. We used the 32 year-old Unix dd command using /dev/zero as input to overwrite the drive. Three data recover companies were contacted. All three are listed on this page. Two companies declined to review the drive immediately upon hearing the phrase 'dd', the third declined to review the drive after we spoke to second level phone support and they asked if the dd command had actually completed (good question). Here is their response... paraphrased from a phone conversation:

"According to our Unix team, there is less than a zero percent chance of data recovery after that dd command. The drive itself has been overwritten in a very fundamental manner. However, if for legal reasons you need to demonstrate that an effort is being made to recover some or all of the data, go ahead and send it in and we'll certainly make an effort, but again, from what you've told us, our engineers are certain that we cannot recover data from the drive. We'll email you a quote."

Q. Why are you doing this?

A. Because many people believe that in order to permanently delete data from a modern hard drive that multiple overwrites with random data, mechanical grinding, degaussing and incinerating must be used. They tell others this. Like chaos, it perpetuates itself until everyone believes it. Lots of good, usable hard drives are ruined in the process.
Q. What exactly is the challenge?

A. You or your company or your organization or your group of researchers can have a crack at the drive. You don't actually have to recover any data to win the challenge, just tell us the name of one (1) of the two (2) files or the name of the one (1) folder that existed in this screen shot before the dd command was executed.
Q. What kind of hard drive is it? How much did it cost? Is it new? Does it work? How did you format it? Why did you buy this drive?

A. Western Digital (WD800JB) 80GB hard drive. We paid roughly $60 USD for the drive. It is new. Yes, it works. We did a default initialization and NTFS format from within Windows XP. It was the smallest and least expensive hard drive we could purchase new. It's also a very plain, common drive. Data recovery firms should have a lot of experience dealing with this type of hard drive.
The Terms were updated on January 16th, 2008. The underlined portions have been added

Q. May I enter the challenge?


A. Sure... here are the terms of the challenge: Send a self-addressed, postage-paid box you pay shipping both ways with packaging material to the address listed below along with a sixty $60 USD deposit United States Postal Service Money Order only and we will mail the drive to you.

When you receive the drive, you have three (3) consecutive days beginning on the day of receipt to analyze the drive. You must return the drive to us immediately on the end of the third day. The drive must be returned in the same condition that you received it in. Photos will be taken before shipment. It will be demonstrably functional before shipment. So, don't break it. If you damage the drive, then your deposit will not be returned. The challenge will last exactly one (1) year and will end immediately should someone win.

THE CHALLENGE BEGAN ON JANUARY 15th 2008.
THE CHALLENGE ENDS ON JANUARY 15th 2009 OR WHENEVER SOMEONE WINS.


You may not write any data to the drive or disassemble the drive. If the challenger is an established data recovery business located in the United States of America (We would need to see Articles of Incorporation, a current business license and one other form of business identification in order to determine that they are indeed a professional, for-profit, established data recovery business) or a National government law enforcement or intelligence agency (NSA, CIA, FBI), then we will allow these type of organizations to disassemble the drive and to keep the drive for thirty (30) consecutive days. Fair enough? If you object to these terms, then don't participate or suggest changes.

Challenges are accepted in the order in which they are received at this address:

16 Systems, LLC
P.O. Box 356
Blacksburg, VA 24063
Q. How do I win the challenge?

A. You must identify the name of one (1) of the two (2) files or the name of the one (1) folder that existed in this screen shot before the dd command was executed. You do not have to actually recover any data from the drive, but you can if you are able to. You also must publicly disclose in a reproducible manner the method(s) used to win the challenge. Here is the answer to the challenge. It's a TIF screen shot that shows the original contents of the root folder of the drive before the dd command was executed. It's PGP symmetrically encrypted using GnuPG. The key will be released at the end of the challenge or when someone wins. Should someone win, they get to keep the drive. They also will receive $40.00 USD and the title "King (or Queen) of Data Recovery".

Q. Is this a scam?

A. No. The challenge is real. The hard drive is real. We hope to demonstrate that recovering data from a zeroed hard drive is impossible. Legitimate data recovery firms know this. They will not take the challenge. Neither will a national government agency. Lastly, it is noble and just to dispel myths, falsehoods and untruths.

http://16systems.com/zero/index.html

 

Up to 25 off MDD secure and reliable webhosting

 

21 Responses to “The Great Zero Challenge Remains Unaccepted”

  1. Hostjury Admin Icon Zipdadoda Says:

    It's not always about the money Max. How about bragging rights and the exposure. Priceless!

  2. max hodges Says:

    I like the challenge, but $40 reward is not enough to demonstrate that recovering data from a zeroed hard drive is impossible; its only enough to demonstrate that most professionals/labs in this field can't be bothered by a trifling amount of money.

  3. Asaf Says:

    To all the people suggesting that the magnetic charge could somehow be used to retrieve the data:

    http://www.vidarholen.net/~vidar/overwriting_hard_drive_data.pdf

    "This study has demonstrated that correctly wiped data cannot reasonably

    be retrieved even if it is of a small size or found only over small parts of the hard

    drive. Not even with the use of a MFM or other known methods. The belief that a tool

    can be developed to retrieve gigabytes or terabytes of information from a wiped drive

    is in error."

  4. Paul Web Says:

    Well I doubt anybody would take on this web challenge. If you are a webmaster looking for dedicated server hosting in UK and have clicked on this web page accidentally you may find the challenge a tough one. As stated the folks behind this challenge want to show that it is impossible to recover data from a hard drive that has been overwritten with zeroes. I think those into web disaster recovery may find this challenge interesting.

  5. Hostjury Admin Icon David Says:

    Totally agreed Bob on all counts :)

  6. Bob Says:

    This challenge is hilarious. I don't see why anyone with the capability of doing this (if they exist) would take the challenge.

    The prize is a joke. It's just a total of only $100, and $60 of that comes in the form of a 2nd-hand HDD (which would probably have to be disassembled and mangled beyond usability if any data would be retrieved from it).

    The remaining $40 would barely cover the needed funding of such an undertaking.

    There are some (older) HDD models that can have some data recovered with an MFM microscrope, and even a DoD-standard 7-pass wipe can be somewhat recovered using a scanning electron microscope.

    Good luck getting people or organizations who have access to such equipment to take your challenge for $40.

    I'd imagine that when this is actually needed (like the DoD needing to analyze a wiped HDD recovered from a terrorist hideout), and that they'd take more than 30 days (the 3 days limit also seems to be a joke as well, even 30 days seems to be short), and $40 will barely cover the expenses. And don't expect HDD to be in any usable state afterwards.

    But the most hilarious part was the requirement of revealing the methods used for recovery. It's like saying "we'll buy your secrets for $40, and an 80gb harddrive".

    It's like posting a challenge to crack RSA for $100, then demanding them to release their results if they manage to do so.

    If we even believe the urban legend that NSA has cracked RSA, they would not even want anyone to know it is possible. And they will NOT release how to do so in a reproducible manner.

  7. Hostjury Admin Icon David Says:

    It's an external challenge, e.g. from them -- not us :) We were merely documenting it.

  8. CoolObserver Says:

    What was the outcome of the challenge? Did you have any takers?

  9. Crystal Says:

    I am simply amused and appalled at your comment, Mr. JD. First of all, as an IT person, I must clap and laugh at the same time at your attempts to argue against something you clearly have not even read into.

    First of all, this has NOTHING to do about data privacy. And it does not have anything to do with software "mining" in your case. Nor does it have ANY relevance to the internet or going online or even hacking... let alone taking control of somebody's PC.

    This challenge WAS about how accurate writing ZERO's to a hard drive really is in erasing all of a user's data. The purpose of this was to be certain that your data IS gone after performing a full zero write to a hard drive. There are ways some people can get data once a hard drive has failed, and in some cases re-written. But this contest was to prove otherwise, and to determine whether writing zeros really does eliminate ANY plausible possibility of getting any information off the hard drive once it is erased.

    The hard drive used in the contest was one that the company provided. It is NOT a user's/client's hard drive... just a TEST hard drive to use for the competition.

    Also, for starters... you may want to work on your rather HORRID grammatical skills. The way you butchered the English language is rather amusing, I must say!

    Before you go digging into these matters, JD... DO YOUR RESEARCH, first, and also READ the article before leaving such ridiculous posts as the ones you have written. You claimed to have read the article/competition, but you STILL clearly have NOT.

    Also, you should learn to actually WRITE and READ English... as at this point I am assuming you used some sort of translator to write these rather ridiculous comments.

    That said... I AM curious as to what the outcome of this contest was?

  10. Joel Drotts Juris Doctorate Says:

    Awesome... First of all spelling isn't any measure of intelligence. However, analysis is, as is reading comprehension. To be fair, I scan read this article or challenge. The challenge is permissive data recovery from hard-drives. I admittedly mistook the challenge, and I am not a part of your "little computer geek club."

    I admittedly am distrustful of computers, as I don't understand them completely. Why would a company create a challenge to see if you could write software for data mining? If a person wanted information deleted, that is there right. If this is a company who wrote a security software program, and wants to invite computer brainiacks to see if they can break the security or fire-walls that is their business, and is some high-tech stuff beyond my realm.

    My point, while off point, is still a good point none the less. I often worry about the security of the internet, the files on my computer, and the personal information people are able to pull about me off the internet, and my computer via the internet.... Once I am signed on. Hacking is most definitely a crime. Furthermore, the legal analysis of hacking and taking control of some ones computer or illegally positioning yourself to become privy to protected/private files is accurate. If the Government were to conduct such actions it would violate several Constitutional Amendments such as the First, the Fourth, and the Fourteenth for starters.

    If a private individual or corporate individual/entity were to attempt such actions they would be opening themselves up to several criminal and civil suits. Is that what this company is advocating??? No, and you are correct I scan read some obscure blog, late at night, and commented on something totally not on point. However, the technology and challenge are interlinked to my original post, no matter how off subject I was.

    I still do wonder, why such a challenge would be offered or posted? Who would use such technology and how. Secure software and encryption could be very useful. For example, should such software be found to be fool proof, the Courts may be interested in it. Imagine if Attorneys could legally file pleadings at the Court Clerks Office via the internet/e-mails. A lot of time, money, and paper could be saved.

    As it stands, Pleadings, Complaints, or any other legal motion must be submitted to the court: 1. On time. 2. Hard copies (One for the Court records, the Judge's use, and one for the adverse party. All must be stamped with the court seal, and delivered to the appropriate parties. This is a lot of paper, and time spent running around. Imagine if it could be done electronically.

    Many courts are reluctant to in-act such a program, as the attorney client privilege is the highest and most guarded Constitutionally protected right, as it goes directly to a citizens ability to receive effective counsel. This privilege is a fragile one, which can be ruined by the eyes of intruders, or worse government agencies illegally snooping around. Don't tell me I am paranoid, as history has shown us time and time again that if some one or agency has the ability to do something or gain information they will. Which again leads me back to the point and jist of my first blog posting, or at least the point I was trying to make. That just because something should be done, doesn't mean it always should be done.

    So data retrieval is not computer hacking, and I apologize to those I offended for confusing the two. However, it does seem that they are at least in the same family, which is the acquisition of electronically stored information from a private parties hard-drive. Information that if erased or guarded by security programs is information and files which the target producer or keeper of such information/files wished to keep from the eyes of third-parties.

    Bash me, my degree, and my intelligence all you want. None-the-less, I still maintain that such programs are a slippery slope, and must be conducted in an ethical nature and with-in the confines of the current laws.

    Again, I apologize for not giving this subject, the people whom visit this site, or those who post here the proper credit and respect they/it deserved. I should not had scan read the challenge, or jumped to conclusions. At the same time, "With great power, comes great responsibility." Yes, I just quoted Spider Man. However, the quote is well suited to the argument which I am now trying to make, which is the introduction of ethical behavior by our electronic/computer based scientists, the protection of individuals privacy rights on the internet and on their personal computer, and a questioning of "Why" by computer scientists. When some one asks you, "Can you retrieve this data, or break through our security protocols or software?" Just remember to ask yourselves... "Why?" Who is asking? Why they are asking? What they plan to do with such technology or knowledge? Why do they want me to undertake such actions, and what is the end goal of the party offering such a challenge.

    Here ends the gospel according to Joel Drotts Juris Doctorate, and my official stepping down from off my high soap box. Again, my apologies, my thanks, my hope that you will read this blog post, and my sincere hope that it causes at least one person to ask the right questions to themselves, their colleagues, and maybe even any parties which post such challenges.

  11. Russ Nixon Says:

    Hey joel drotts juris doctorate,

    I thought JDs were supposed to be able to read, write and understand their primary language. First, as an engineer, you make a great lawyer. The challenge has nothing to do with hacking; put on your reading comprehension cap and try again. Second, if you don't know the difference between "sighting" and "citing" you must be a poor lawyer indeed. As a final criticism, your last sentence is so full of fail that further analysis is moot. Get your money back for the JD, you were robbed, if indeed you actually possess one.

    Russ Nixon, just an humble engineer

  12. OzFalcon Says:

    I'd imagine that HD manufacture R&D departments could make special reader heads to extract the different magnetic bit strength.

  13. Adam Says:

    Well, it would be entirely possible to recover data. A hard drive platter will hold analog information you could read with special equipment. If I had a same or similar model hard drive I previously knew the data on, zero wrote it, then tested all the regions I would be able to extract patterns I could use to then reconstruct data on your drive. Math makes it possible through research done in data reconstruction, compressed sensing, and statistics. The fact that the drive platters cannot be analyzed with better gear means it is impossible, and the fact that the incentive is so low I doubt anyone would bother anyway.

  14. abdd0e77 Says:

    One of your rules is that one may not disassemble the drive. If you remove that clause it may then be possible as a higher sensitive reader may be able to pick up tiny differences in charge as John mentioned.

  15. Hostjury Admin Icon David Says:

    Joel,

    No offense, but you should really read the post. This has nothing to do with exploitation and hacking.

    (Read, especially before calling someone else an idiot.)

  16. joel drotts juris doctorate Says:

    You people are morons, or the smartest dumb people I know. You can't just hack into some one's computer, and delete their files. You've destroyed their chattel, and that's just for starters.

    You guys are all arguing about how you'd do it, whether it can be done, and no one posted any thing on "Should it be done." The answer is no! Just cause I can do something, doesn't mean I should.

    To the challenger you should remove the post, as there is that weird case out of NY, where some kid posted "Ways I blow up the stadium, and had people participate." The DA through the book at him, sighting all sorts of new Patriot Act Laws, which no one quite understands any way.

    Just a tip, don't insight people to legal acts, don't post it, and don't leave it. And please don't hack me, I'm just trying to save you people from yourselves.

    Joel Drotts Juris Doctorate

  17. John Says:

    Just a quick note to Josh Straub: I'm not saying doing an actual recovery based on this information would be practical or even possible (the non-results of this challenge would seem to indicate that it isn't), but even so, the situation isn't quite as simple as all that.

    Here's one possible way the "extra" data could be stored. You have a drive full of zeroes, right...and they're all definitely zeroes. However, the idea is that if you were to analyze the individual magnetism of each bit, you'd find differences. For instance, a bit that was previously a zero and then had another zero written to it could have a stronger magnetic charge than a bit that was previously a one and got changed to a zero. Both bits are magnetized well into the range of "zero", of course, but they're not _identically_ magnetized.

    To put it in "pseudo-code", you have a hard drive full of zeroed bits, some of which have a charge of "-2.0" and some of which have a charge of "-1.7". Now, as far as the "active data", the threshold for it to be a zero is "-1.0", so they all show as zeroes to the OS utilities. But if you look at the actual charges...hmmmmmmm :)

  18. Hostjury Admin Icon streaky Says:

    Well essentially it is like finding ghosts, if you can read the magnetism in any given spot you might be able to 'see ghosts' of old data, the question is how reliable it is and if it's actually possible on a modern drive.

  19. Josh Straub Says:

    LMFAO!! I absolutely LOVE THIS! Truly brilliant. Reminds me of the James Randi JREF "Million Dollar Challenge" for those who can reproduce paranormal behavior under scientific observation conditions.

    I have worked in IT for a long time and it's amazing the amount of coworkers I've had who argued with me that data could still be retrieved after the drive was wiped. I asked them to propose how exactly this "extra data" was stored in excess of the drive's capacity to hold "x" GB of zeros. They had no explanation.

  20. Scott Reed Says:

    The link to the screenshot 5.jpg is broken.

Leave a reply to “The Great Zero Challenge Remains Unaccepted”