[vox-tech] Secure Wiping hard drives
Brian Lavender
brian at brie.com
Fri May 11 15:23:43 PDT 2012
On Fri, May 11, 2012 at 10:25:02AM -0700, Rick Moen wrote:
> Quoting Darth Borehd (darth.borehd at gmail.com):
>
> > We need a fast way to securely wipe hard drives.
>
> _How_ secure? LLNL actually melts the platters on hard drives retired
> from their security-sensitive computing vaults.
I would think that writing zeros to the disk would make the data
unavailable in many cases and is relatively fast. IIRC, DBAN takes
multiple passes with pseudorandom data. What if the fact that a melted
disk leaked information? One could not even consider that secure.
Similar if the NSA orders pizza delivered.
Personally, I would go one step further and use a pseudo random feed
from AES with Cipher Block Chaining (CBC) and perhaps throw some salt
in the middle so that it isn't too predictable. You might be able to do
this with DBAN with a one sweep pass.
>
> Commercial operations generally consider DBAN good enough.
--
Brian Lavender
http://www.brie.com/brian/
"There are two ways of constructing a software design. One way is to
make it so simple that there are obviously no deficiencies. And the other
way is to make it so complicated that there are no obvious deficiencies."
Professor C. A. R. Hoare
The 1980 Turing award lecture
More information about the vox-tech
mailing list