lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.LNX.4.60.0407141048580.13191@catbert.rellim.com>
From: gem at rellim.com (Gary E. Miller)
Subject: Erasing a hard disk easily

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Yo Darren!

On Wed, 14 Jul 2004, Darren Reed wrote:

> Too bad the pc Unixes don't have a format command like Sun has had
> for Solaris/SunOS....tells the hard drive to 'format' and then tests
> with a number of test patterns.

You can not really force a low level format of an IDE or SCSI drive.  The
drive that appears to the OS is not the real drive, but a virtual drive
managed by the disk electronics.

The most you can do is ask the drive to format itself.  Some do a good job
and some do not.  The ones that return in seconds did not and the ones that
takes hours are doing better.

One thing that has been missed in these discussions are the "spare
sectors" present on all IDE and SCSI disks.  I am not talking about the
"bad blocks" stored in FAT tables and such, but hidden sectors managed
by the drive itself.

Each drive vendor has vendor specific commands for accessing and
managing theese spare sectors and bad sectors.  There is no generic
method.  Some consider this proprietary info and some readily release it.

If the drive notices soft errors in a given sector it will copy the data
to a "spare sector", then move the bad sector to a bad sector list and
use the formerly spare sector in it's place.  The OS never noticed that
anything happened.  The old data remains in the bad sector and can be
recovered.

You can format the drive as it appears to the OS as much as you want, but
unless you get "low level" with the drive you are NOT touching the
spare and bad sectors.  They may very well contain data you do not want
to be read.

If you give me one of these drives, I might be able to get vendor data
on how to read the bad sectors and then I would have your data!

This is not as long a shot as it would seem.  Just before your drive dies
it may be doing a lot of thrashing of bad/spare sectors in a last attempt
at staying alive.  Often used files like /etc/passwd and gpgkeys are
more likely to be accessed and therefore more likely to have a copy in the
bad sector table.

You throw the drive away and I get it from the dumpster.  Often I can put
dead HS in the refrigerator and get it to work for a few more hours
longer than you could.

RGDS
GARY
- ---------------------------------------------------------------------------
Gary E. Miller Rellim 20340 Empire Blvd, Suite E-3, Bend, OR 97701
	gem@...lim.com  Tel:+1(541)382-8588 Fax: +1(541)382-8676

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQFA9XaP8KZibdeR3qURAt+2AKCnRWaro6/mUok1l46Zz2mMNE/cWQCg7Fr0
X14ASFMPd8CikeCxAoYqPu0=
=em1t
-----END PGP SIGNATURE-----


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ