Inquiry:How to totally wipe out the entire hard drive
in [Debian]
|
Prev: On boot - firewall warning.......
Next: cisco vpnclient: not able to get shell output for more than a few lines
From: Napoleon on 6 Sep 2009 15:40 John Hasler wrote: > I wrote: >> If you want to destroy all the data for security purposes install and >> use shred. It will take quite a while on a large disk. > > Ron Johnson writes: >> This really is a myth. > > What is? > >> So, just run "dd if=/dev/urandom of=..." over it a couple of times. > > man shred. That's essentially what shred does, but it is probably > faster then dd. Note that you want to shred the device, not the files > or partitions. > > > In actual fact, overwriting with zeros once probably suffices for a > modern drive (but there is the problem of bad blocks...) (Should have gone to the list but I screwed up the first time - sorry). Overwriting with zeros (or ones) once is not at all secure. It can easily be nearly 100% recovered by someone with the necessary equipment, even more so on a modern drive. Overwriting multiple times with random data provides higher security. Physical destruction of the disk (i.e melting or physically shredding the disk) is the only sure-fire security. -- To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org
From: John Hasler on 6 Sep 2009 15:40 Napoleon writes: > Overwriting with zeros (or ones) once is not at all secure. It can > easily be nearly 100% recovered by someone with the necessary > equipment, even more so on a modern drive. Please provide evidence that anyone has ever done this on a modern drive. In any case I doubt that the OP has secrets worthy of the attention of people with "the necessary equipment", whatever that may be. -- John Hasler john(a)dhh.gt.org Elmwood, WI USA -- To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org
From: Sven Joachim on 6 Sep 2009 15:50 On 2009-09-06 21:12 +0200, John Hasler wrote: > Napoleon writes: >> Overwriting with zeros (or ones) once is not at all secure. It can >> easily be nearly 100% recovered by someone with the necessary >> equipment, even more so on a modern drive. > > Please provide evidence that anyone has ever done this on a modern > drive. Jumping into that discussion, here is evidence that this is not possible with modern drives: http://www.h-online.com/news/Secure-deletion-a-single-overwrite-will-do-it--/112432 So, anyone who wants to sell his hard disk can just use "dd if=/dev/zero ..." and be done with it. Sven -- To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org
From: Napoleon on 6 Sep 2009 16:00 John Hasler wrote: > Napoleon writes: >> Overwriting with zeros (or ones) once is not at all secure. It can >> easily be nearly 100% recovered by someone with the necessary >> equipment, even more so on a modern drive. > > Please provide evidence that anyone has ever done this on a modern > drive. > > In any case I doubt that the OP has secrets worthy of the attention of > people with "the necessary equipment", whatever that may be. The FBI can do it, for instance. Some data recovery companies can also do it. I'm sure there are many others who can, even on modern drives. -- To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org
From: Boyd Stephen Smith Jr. on 6 Sep 2009 16:10
In <4AA40AC8.2050804(a)attglobal.net>, Napoleon wrote: >John Hasler wrote: >> I wrote: >>> If you want to destroy all the data for security purposes install and >>> use shred. It will take quite a while on a large disk. >> >>> Ron Johnson writes: >>>> This really is a myth. >> >>> What is? >> >> In actual fact, overwriting with zeros once probably suffices for a >> modern drive (but there is the problem of bad blocks...) > >(Should have gone to the list but I screwed up the first time - sorry). > >Overwriting with zeros (or ones) once is not at all secure. This is totally, absolutely a myth. The 1996 paper used a recovery technique that doesn't work on modern drives, and admitted that only one random write would likely be more than enough to prevent recovery. More recently, actual research was done on the topic, and a single-pass, fixed-pattern (all zeros) was still impossible to recover more than a few bytes from a modern hard drive. Zac, do you have the URL for that paper handy? I know you sent it out end of last year or the beginning of this one, but I seem to have misplaced it. -- Boyd Stephen Smith Jr. ,= ,-_-. =. bss(a)iguanasuicide.net ((_/)o o(\_)) ICQ: 514984 YM/AIM: DaTwinkDaddy `-'(. .)`-' http://iguanasuicide.net/ \_/ |