Package: debian-installer
Version: 20061011
Severity: wishlist

I would like to see the ability to clean hard disks (by securely overwriting all blocks) added to debian-installer.

When I reuse a hard disk (or before I get rid of one), before I install I like to clean all data off the drive by overwriting it. My reasons for doing so are,

1.) There may be sensitive data still on the disk, that if someone compromised the system or physically obtained the disk (especially in the case of laptops) they might be able to collect. It is good to start from a known clean state knowing that only the data you put on the drive is there and you can take precautions to protect it.

2.) If a system is compromised (either by an attacker, a user error, or a partial drive failure), any remnants of old data will hinder any forensics analysis of the drive. If you are starting from a state of known contents (all the blocks set to a particular pattern or at least random) then you can find deleted logs/files/etc.

The ability to do this is becoming increasingly more important as we are beginning to see with the problems of large companies/institutions losing people's personal data and the resulting identity theft and fraud. This could be a neat feature that Debian introduces first.

I recently did some searches to determine the best way of doing this. While a simple dd might work for most cases, I had heard that some attackers currently have the ability to read up to seven writes back, so I thought there might be a better way. Most things I found while searching cited a canonical paper,

"Secure Deletion of Data from Magnetic and Solid-State Memory"
Peter Gutmann <[EMAIL PROTECTED]>
https://www.usenix.org/publications/library/proceedings/sec96/full_papers/gutmann/

There are also some government standards for wiping disks,

American DoD 5220-22.M ( http://www.dss.mil/isec/nispom_0195.htm )
Canadian RCMP TSSIT OPS-II

I found a few good solutions available in Debian already

* shred - part of coreutils package, doesn't mention the Gutmann paper, but seems to use a similar technique.
* wipe - Uses the techniques recommended by Gutmann, read the man page for fun, it's pretty tin-foil-hat which frankly is how I like my security tools authors :)

Just for those interested a few additional data points,

* "Darik's Boot and Nuke" is a bootable iso that supports all the best methods of doing this. http://dban.sourceforge.net/
* MacOSX includes a secure deletion utility called "srm". Their "recycle basket" desktop feature has the ability to do a "secure empty"

I have been using d-i to do this already by bringing up the network and then dropping to a shell and wget'ing shred. Then I run something like,

"./shred -v -u -n 10 /dev/sda"

That takes maybe an hour for an 18gb u160 10k rpm scsi disk and scales linearly as you go up (ie 4x that for a 72gb disk). If the machine has multiple disks I run several of them in parallel, and that seems to run in the same time it takes one (ie they are disk bound).

I think this feature could be really useful for a lot of people, although probably only available in expert mode. What do you think?

Thanks,

--
Matt Taggart
[EMAIL PROTECTED]
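
Added example, not part of the original message or of debian-installer: a Python sketch of reason 2 above, filling a disk with one known value and later listing the blocks that no longer hold it. It is a single-pass fill rather than shred's multi-pass overwrite; the 4096-byte block size, the function names and the temporary file standing in for a disk are assumptions for illustration.

```python
import os
import tempfile

BLOCK = 4096  # assumed block size for this illustration


def fill_with_pattern(path, byte=0x00, block=BLOCK):
    """Overwrite every byte of an existing file or device node with one value."""
    with open(path, "r+b") as f:
        size = f.seek(0, os.SEEK_END)
        f.seek(0)
        chunk = bytes([byte]) * block
        remaining = size
        while remaining > 0:
            n = min(block, remaining)
            f.write(chunk[:n])
            remaining -= n
        f.flush()
        os.fsync(f.fileno())  # make sure the fill reaches the medium
    return size


def blocks_not_matching(path, byte=0x00, block=BLOCK):
    """Return byte offsets of blocks that no longer hold only the fill value."""
    changed = []
    with open(path, "rb") as f:
        offset = 0
        while True:
            data = f.read(block)
            if not data:
                break
            if data.count(byte) != len(data):
                changed.append(offset)
            offset += len(data)
    return changed


def demo():
    """Wipe a constructed 8-block 'disk', then locate one later write."""
    with tempfile.NamedTemporaryFile(delete=False) as tmp:
        tmp.write(os.urandom(8 * BLOCK))  # constructed stand-in for old data
    try:
        fill_with_pattern(tmp.name)
        after_wipe = blocks_not_matching(tmp.name)
        with open(tmp.name, "r+b") as f:  # constructed write made after the wipe
            f.seek(5 * BLOCK + 100)
            f.write(b"Oct 11 sshd[123]: constructed log line")
        return after_wipe, blocks_not_matching(tmp.name)
    finally:
        os.unlink(tmp.name)
```

Because every block started from the same value, the scan after the later write reports only the block that was touched, even if the file that owned it has since been deleted.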

