lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
From: tim-security at (Tim)
Subject: erase with magnet

> If you dont have such a tool or dont wont to use one, you can use dd on Linux 
> (Use Knoppix if you don't have it installed)
> dd if=/dev/urandom of=/dev/sda bs=1M count=1024

This will work fine against any simple forensic analysis, but if you
have some very very sensitive data that say, governments, would be
interested in, you need to overwrite the data many more times than this.
I prefer using the free "wipe" utility, since it was written with
advanced recovery techniques in mind. 
(To install in debian, just run `apt-get install wipe'.)

The description from the man page:
Recovery of supposedly erased data from magnetic media is  easier than
what  many  people  would  like to believe. A technique called Magnetic
Force Microscopy (MFM) allows any moderately funded opponent to recover
the  last  two or three layers of data written to disk; wipe repeadetly
overwrites special patterns to the files to  be  destroyed, using  the
fsync()  call  and/or  the  O_SYNC  bit to force disk access. In normal
mode, 34 patterns are used (of which 8 are random). These patterns were
recommended   in   an  article  from  Peter  Gutmann  (pgut001@...auck- entitled "Secure Deletion of Data from Magnetic and  Solid-
State Memory". A quick mode allows you to use only 4 passes with random
patterns, which is of course much less secure.

Of course most people don't need this level of security, but it is good
to understand the power of advanced magnetic media forensics.


Powered by blists - more mailing lists