lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: j.riden at massey.ac.nz (James Riden)
Subject: Erasing a hard disk easily

"Gregh" <chows@...mail.com.au> writes:

> ----- Original Message ----- 
> From: "Maarten" <fulldisc@...ratux.org>
> To: <full-disclosure@...ts.netsys.com>
> Sent: Tuesday, July 13, 2004 7:23 AM
> Subject: Re: [Full-Disclosure] Erasing a hard disk easily
>
>
>>
>> An overwrite with all zeros will -allegedly- not withstand a serious
>> data-recovery attempt by professionals, not even when repeated.
>
> I know you stated "allegedly" but this subject interests me. Many years ago,
> a good friend of mine who had been in to pirating and suddenly realised he
> could end up behind bars if he was ever caught got the shakes thinking about
> it. He deleted it all and I let him know that wasn't good enough. He got
> hold of a simple basic program that kept looping until the disk was full,
> writing a line of 80 of the number "8" to the disk making one file that got
> bigger and bigger until, ultimately, it filled the disk. Once filled, it
> would close the file and all you had to do was boot into DOS and delete it
> and the space was free once more all overwritten with the number "8"
> wherever you looked with a sector editor.

See "Secure Deletion of Data from Magnetic and Solid-State Memory"
at http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html

If it's sensitive, it often gets physically destroyed. If it's not,
"wipe -k /dev/hda" will do, from a Knoppix prompt, with whatever
parameters you feel appropriate.

from 'man wipe':

"Recovery of supposedly erased data from magnetic media is easier than
what many people would like to believe. A technique called Magnetic
Force Microscopy (MFM) allows any moderately funded opponent to
recover the last two or three layers of data written to disk; wipe
repeadetly over- writes special patterns to the files to be destroyed,
using the fsync() call and/or the O_SYNC bit to force disk access. In
normal mode, 34 patterns are used (of which 8 are random). These
patterns were recommended in an article from Peter Gutmann [email
elided] entitled "Secure Deletion of Data from Magnetic and
Solid-State Memory". A quick mode allows you to use only 4 passes with
random patterns, which is of course much less secure."

ISTR that 'moderately funded' is in the order of 10K USD, but
unfortunately I don't get to play with those kinds of toys.

cheers, 
 Jamie
-- 
James Riden / j.riden@...sey.ac.nz / Systems Security Engineer
Information Technology Services, Massey University, NZ.
GPG public key available at: http://www.massey.ac.nz/~jriden/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ