l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
October 7: Social gathering
Next Installfest:
TBD
Latest News:
Aug. 18: Discounts to "Velocity" in NY; come to tonight's "Photography" talk
Page last updated:
2009 Sep 15 11:33

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] Most efficient way to wipe hard drives
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] Most efficient way to wipe hard drives



Brian Lavender wrote:
> On Wed, Sep 09, 2009 at 09:20:30PM -0700, Bill Broadley wrote:
>> Short answer, one wipe is enough (At least for NIST, and one of the British
>> Infosec standards), wipes miss bad sectors, the ATA secure erase command is
>> worth checking out.
> [snip]
> I think caching is a concern on some systems, so more wipes seems to
> magically make the write go to the actual media. But I would agree with

I don't see how.  After all a system wouldn't work well without reliable
writes.  Sure you should do a sync and order shutdown and not pull the power
the second the dd command comes back.  Especially if the disk light is showing
activity.  NIST seems to have made a very informed decision on the single
write is enough.  Keep in mind even if linux random dropped writes without
telling anyone the cache is much much smaller than the disk on any sane system.


> one wipe is probably enough. I had not thought about bad blocks. 

Secure erase or destruction is the only way to get those.

>> So if you don't use secure wipe and won't lose sleep at night over a few bad
>> blocks being potentially recovered I'd recommend something like:
>>
>> dd if=/dev/urandom of=/dev/sd<whichever disk>
> 
> Your computer must have a lot of entropy! Note that that device gathers

Note the above is /dev/urandom, only /dev/random is limited by entropy.
Indeed a read of a disk worth from /dev/random would take a very long time.

As long as your attacker doesn't have root access to the machine doing the
wipe during the wipe you should be good.  Pretty much all linux distributions
since 2000 or so save the seed state across reboots.



LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Sunset Systems
Who graciously hosts our website & mailing lists!