On Tuesday 27 October 2009 14:12:56 Brad Tilley wrote: > On Tue, Oct 27, 2009 at 11:12 AM, Jordi Espasa Clofent > <jordi.esp...@opengea.org> wrote: > > $ dd if=/deb/zero of=<disk_to_delete> > > > > ?Do you think is it safe enough? I mean ?is it enough against the common > > recovery low-level data tools? > > There is no evidence of over-written data *ever* being recovered. > There is some theory in research papers that suggests it may be > possible. There may be aliens and bigfoot and the NSA may be able to > recover over-written data if you are of interest to them. OK, back to > reality... the only suggestion I would make is to use arandom rather > than urandom. You can cron that same command except output to a file > rather than to the device to periodically overwrite the unallocated > sectors. I do that. It kills a lot of the forensics tools that have > the ability to recover deleted files, etc. > > Something like this on each partition: > > file=$$.random > dd if=/dev/arandom of=$file > sync > rm -f $file > sync > > Brad
Saying that data has never been recovered is not true. I personally was involved with a disk disaster on a 10M RLL disk back in 1985 or so, and there was some--not all, but some--data recovered after being overwriten. Today's disks are far different. No, I don't think you can scoop up data en mass on a 500G disk. Wether multiple overwrites provides more security is a matter of debate. The real danger today are sectors that got mapped out which are bad, but could contain interesting or embaressing data; 512 bytes could hold a lot of stuff, like passwords. If you aren't using the disk for really sensitive data, erase it and be done with it. If its sensitive, have some fun by taking it apart (you can recycle the aluminium) and do something creative with the platters. I think Theo once took a blowtorch to some? That might provide entertainmant. --STeve Andre'