Shane J Pearson wrote:
> Hi Anthony,
>
> On 01/06/2005, at 4:01 PM, Anthony Roberts wrote:
>
>> The 'dd' way is good enough unless someone is willing to to tear the
>> drive apart in a lab.
>
> I think this depends on how you use dd though. If you just do a single
> pass of zeroes, but fear someone will mount a multi million dollar
> electron microscope forensic analysis, then yeah, that might not be
> enough. But write from /dev/urandom with dd multiple times to the disk
> and you should be okay even with that extreme case.
>
> If I were worried about open-drive analysis of the drive I want to
> clean, then I'd be physically destroying the drive also. Put it in a
> kiln, get the oxy torch into it, etc.
If loading the drives with a single pass of zeros isn't good enough for
your application, forget /dev/urandom or multiple passes or any other
technique, and just physically destroy the drive. If you are really
concerned someone might extract data after a zeroing of the drive,
handing the drive over to anyone else in usable form is just silly.
A while back, I modified an OpenBSD boot CD so it would do exactly this
-- upon boot, it would dd /dev/zero over the first two wd devices, and
the first two sd devices. No prompt, no warning, nothing. Boot the
disk, kiss your data goodbye. It was designed to quickly and reasonably
securely render the data on a bunch of old computers inaccessable with
minimal intervention, before removing them from the donator's office.
All the tools are on the boot CDs (and floppies) already.
It turned out that when doing 4G IDE drives, I could have about four
machines wiping at the same time in a non-ideal setting, by the time the
fourth one was started, the first one was done.
I labeled it in big, scary print, and try to keep track of where it is.
So far, it has only claimed one innocent system by accident ("Hey, why
is this machine booting OpenBSD...Oh sh*t..dang, too late")
Nick.
