[vox] Wipe data

Richard Harke paleopenguin at gmail.com
Sat Feb 21 00:13:34 PST 2015


I recall using a utility called "shred" to securely erase files. It did do
many passes
to completely erase the data. I used it once on a 1 gigabyte drive and it
took
8 hours. So I guess that would mean 8000 hours for a one terabyte drive.

Richard


On Sat, Feb 21, 2015 at 12:00 AM, Bill Broadley <bill at broadley.org> wrote:

> On 02/20/2015 11:06 PM, Rick Moen wrote:
> >> I'd recommend a single overwrite with dd, or just to a ATA Secure Erase.
> >
> > Not tested, but here are some tips about using ATA Secure Erase using a
> > gratis utility for DOS (which means you can presumably use it from a
> > FreeDOS image):
> > http://www.zdnet.com/article/how-to-really-erase-a-hard-drive/
>
> Or just from linux.
>
> > Bill, I had the impression that Dban was a good bit better than
> > single-pass dd'ing, and that the disclaimers were primarily intended as
> > an answer to the 'Are you guaranteeing that $BIG_TLA_AGENCY cannot
> > recover my data after Dban?' people, but that it's good enough for most
> > needs.
>
> Well there's a ton of incorrect legacy information about disk wiping,
> much played up by the folks selling such utilities.  There's been a huge
> amount of confusion around the "Gutamann mathod" that involved writing
> over 30 patterns to disk.  Even the author mentions he never intended
> for anyone to do that, just that each one was optimized for a particular
> technology.  Not that even 2-3 wipes wasn't plenty in 1996 and it's
> gotten quite a bit harder to recover isnce then.
>
> Sure if you are worried about a $10M scanner and man weeks of very
> highly paid staff scanning your disk at a uber high resolution and
> producing a few petabytes of data and doing a statistical analysis of
> the track edges to try to peal back the previous right you might want to
> do more than one pass.
>
> Sure if you are Edward Snowden and the full might of the NSA is focused
> on you, then you use physical description... or encryption.
>
> But for anything less (from wiki)
> * According to the 2006 NIST Special Publication 800-88 Section 2.3 (p.
>   6): "Basically the change in track density and the related changes in
>   the storage medium have created a situation where the acts of
>   clearing and purging the media have converged. That is, for ATA disk
>   drives manufactured after 2001 (over 15 GB) clearing by overwriting
>   the media once is adequate to protect the media from both keyboard
>   and laboratory attack
> * According to the 2006 Center for Magnetic Recording Research Tutorial
>   on Disk Drive Data Sanitization Document (p. 8): "Secure erase does a
>   single on-track erasure of the data on the disk drive. The U.S.
>   National Security Agency published an Information Assurance
>   Approval[citation needed] of single-pass overwrite, after technical
>   testing at CMRR showed that multiple on-track overwrite passes gave
>   no additional erasure."[23] "Secure erase" is a utility built into
>   modern ATA hard drives that overwrites all data on a disk, including
>   remapped (error) sectors.[24]
> * Further analysis by Wright et al. seems to also indicate that one
>   overwrite is all that is generally required. [25]
>
> So unless you have more expertise than NIST, the Center for Magnetic
> Recording Research, and the NSA I'd just go with one wipe or secure erase.
>
> > Back when I helped build an HPC cluster for LLNL, they would never send
> > back a deployed hard drive for any reason, and my understanding was that
> > HDs were 'retired' using thermite.  _That's_ secure erasure.
>
> Well Governments, bureaucracy, and low paid gov employees being what
> they are, they are worried about the mistakes, made on Friday, because
> someone wants to take off early.  It's much easier to verify that a disk
> is visually destroyed/melted/turned into small flakes than it is to make
> sure the write software was run for hours.  It's also much easier to
> witness.  I believe the related policies require one person to destroy
> and a second person to watch.  Not to mention even a full wipe might
> fail part way through if there's a malfunction.  When hammers
> malfunction you can just grab another ;-).
>
> > I've mostly worked with SCSI drives and guestimated that low-level
> > reformatting them using a SCSI HBA's firmware routines is good enough.
>
> Single wipe is quite good, especially since drives have gotten quite a
> bit denser since 2001.  If you are worried about the 0.1% of sectors
> that might have been remapped then do the secure erase.  But sure if the
> value of the data is huge, and the consequences of even a few bits
> escaping is dire then physically destory the drive.  Doubly so if your
> enemy has a huge budget, expertise, and fancy time then melting or
> shredding is the ultimate protection.
>
> Math exercise for the bored, assume:
> * 6TB drive has 6x10^12 bytes
> * has 7 platters (both sides are used)
> * outer diameter of platter is 2.5"
> * inner diameter of the platter is 1.5"
> * 340,000 tracks per inch
>
> How big is a bit?
>
> If a track overwrite covers 97.5% of a track what resolution do you need
> to see the 5%?
>
> If you image 7 platters at that resolution how much data is that?
>
>
> _______________________________________________
> vox mailing list
> vox at lists.lugod.org
> http://lists.lugod.org/mailman/listinfo/vox
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lugod.org/pipermail/vox/attachments/20150221/c8688413/attachment.html>


More information about the vox mailing list