We used to have a simple wipe and an enhanced wipe on SunOS. The first
one overwrote the disk with a fixed bit pattern, the latter wrote and
rewrote it with different patterns. The idea was to make it hard to
detect residual magnetism from some older data. Definitely spinning-rust
stuff.
For anything from Confidential and up, we used the "large grinder"
approach (:-))
--dave
On 2024-03-23 10:50, Giles Orr via talk wrote:
I have, for many years, used "Darik's Boot and Nuke" on a USB stick to
securely wipe spinning hard disks. It takes a long time, but I mostly
understand and trust the process.
I'm now at the point that I have to wipe and dispose of SSDs, and I'm
feeling a bit shaky on the methodology. Here's what I did:
# hdparm -I /dev/sdX
Looked for enabled/locked/frozen in the output ... I won't go into
making sure those are toggled correctly, but that appears to be
needed. This also lists what appears to be info about doing a wipe on
the drive:
6min for SECURITY ERASE UNIT, 60min for ENHANCED SECURITY ERASE UNIT
Then, set a password (why? but seems to be needed):
# hdparm --user-master u --security-set-pass foobar /dev/sdX
Last, run the wipe:
# hdparm --user-master u --security-erase-enhanced foobar /dev/sdX
Doing something like `dd if=/dev/sdX bs=5M count=5 | strings` (or
sending it to `less`) definitely shows that it's changed from
something organized to something full of identical characters. But
I've never seen this wipe process take more than 60 seconds, which
makes me wonder about the `hdparm` declaration about the time required
for a secure wipe.
So I guess the big question is: should I trust this process? Do we
really think it's securely wiped? Or should I be taking a hammer to
the chips on the SSD because that's the only way to ensure it's fully
wiped?
--
David Collier-Brown, | Always do right. This will gratify
System Programmer and Author | some people and astonish the rest
[email protected] | -- Mark Twain
CONFIDENTIALITY NOTICE AND DISCLAIMER : This telecommunication, including any
and all attachments, contains confidential information intended only for the
person(s) to whom it is addressed. Any dissemination, distribution, copying or
disclosure is strictly prohibited and is not a waiver of confidentiality. If
you have received this telecommunication in error, please notify the sender
immediately by return electronic mail and delete the message from your inbox
and deleted items folders. This telecommunication does not constitute an
express or implied agreement to conduct transactions by electronic means, nor
does it constitute a contract offer, a contract amendment or an acceptance of a
contract offer. Contract terms contained in this telecommunication are subject
to legal review and the completion of formal documentation and are not binding
until same is confirmed in writing and has been signed by an authorized
signatory.
---
Post to this mailing list [email protected]
Unsubscribe from this mailing list https://gtalug.org/mailman/listinfo/talk
