-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Owen Townend wrote: > This is overkill here, there is no inherant security or other risk in > leaving the data unscrubbed. This should be sufficient: > sudo dd if=/dev/zero of=/dev/sdd bs=512 count=1
Agreed. And it's a heck of a lot quicker. > The few times I have had to securely destroy data for customers have > been situations where the data is much more valuable than the hardware > itself. This opens opportunities for physical destruction. I work for a few financial/superannuation types who tend to hold sensitive data (AU Tax File Numbers and US Social Security Numbers, etc). While not as inherently "valuable" (compared to credit card numbers and so forth which are more easily abused), there is a certain government/legal conformance requirement to take all necessary steps to safely scrub data. On the topic of hard disk destruction - I've seen good (read: expensive) data recovery agencies recover data even from laptops that have been in house fires or car crashes. For a while there, the Australian government standard was to destroy the disk via a nailgun, but again even that can be recovered from partially if the data wasn't properly scrubbed beforehand. Data recovery agencies have many methods of retrieving data from physical disk platters even if part of the platter has sustained physical damage. If you're deadly serious about removing data from drives, a combination of software like DBAN as well as physical destruction of the hard disk platters themselves (e.g.: industrial metal shredders) is a good choice. But without going to the expensive extreme of physical disk destruction, most data recovery places concede that the 7-pass DoD methods of data wiping are generally good enough to remove any ability to recover past data. Even if there is anything left, it's generally not enough to rebuild whole files or even strings of useful data. It's certainly enough if you're not worried about the practical ramifications, and only worried about the legal "tick the boxes" conformance side of things. - -Dan -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFIU3E9eFJDv0P9Qb8RApnJAJ9dP6qT9EAV/SJAq5x9DYY9yGzzfACfX2M0 cHQlCebJ5dpIJoHFCLkynVY= =kUk2 -----END PGP SIGNATURE----- -- ubuntu-au mailing list ubuntu-au@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-au
