On Thu, Oct 8, 2009 at 9:28 AM, Scott Rohling <scott.rohl...@gmail.com> wrote:
> Working with a customer running Linux on zSeries under zVM... discussing
> clean up of disk areas when a Linux server is removed. The 'norm'
> according to the customer is to use anywhere from 3 to 35 'passes' to erase
> data, depending on sensitivity. I'm wondering if anyone can provide input
> about how this relates to various cleanup available... I'm confused on a
> couple of fronts:
>
> - I'm probably not understanding -- but writing 1's or 0's more than once
> to a disk area seems, well, silly. Do 'passes' imply that each pass is
> covering more 'area' or something? Whenever I do things like 0 a disk
> using the dd command -- I assume the entire disk is being written to and any
> subsequent dd commands are unnecessary and redundant.
>
> - If we do a DIRM PURGE user CLEAN -- is that sufficient to meet any DoD
> rules, etc concerning securely wiping data? Same for CPFMTXA FORMAT and
> any other utilities used from zVM to 'clean' DASD... does anyone actually
> run these more than once?
>
> I'm sure I'm not understanding the context of 'passes' and just want to be
> able to talk intelligently as I can about how their concept of passes
> relates to how mainframe DASD is dealt with - especially at the zVM level.
> This is always where I come to hear several points of view and get useful
> insight -- so any input would be most welcome!

First, that would be "Linux on System z under z/VM". zSeries has been dead for four years, it's time to let it go.

Anyway, to your real question: there is allegedly/apparently latent magnetism in a bit, such that it's at least *theoretically* possible to recover data from a formatted drive.

Think of it like this. If a given byte's bits *were* 10001000, and you've formatted it to all zeroes, the actual magnetic values for the bits won't be quite all zero. That is, we consider a bit to be "1" if its Gauss value (not the right term, but close enough) is at least, say, 100 (on some scale that I'm making up). A single format might push a "1" from 115 down to 45. But a bit that was previously zero (and was at 50 on my scale) might get pushed down to 10. So -- again, *in theory* -- you could read those values and infer that the 45 was a 1 and the 10 was a 0. Now you have a couple of bits. Repeat until done.

Has anyone ever actually done this? Not that I know of, but I haven't really looked. Obviously they'd need physical access to the disks and a fair bit of time.

HTH