Bug#392480: debian-installer: add support for cleaning hard drives
Am Mittwoch, den 11.03.2009, 16:08 +0100 schrieb Goswin von Brederlow: Paul Menzel pm.deb...@googlemail.com writes: Am Mittwoch, den 11.03.2009, 14:53 +0100 schrieb Goswin von Brederlow: Paul Menzel pm.deb...@googlemail.com writes: Am Mittwoch, den 11.03.2009, 11:08 +0100 schrieb Goswin von Brederlow: Matt Taggart tagg...@debian.org writes: Well this assumption (to encrypt the disc afterward) is not necessarily valid. A company is giving away computers to a school or for use for children, where no encryption is needed. They require you to wipe the drive. (Ok, they should do it themselves to be on the safe side of things, but in reality things are different.) BTW something like Dan's Boot and Nuke is an option for this case too. But like I said in a previous mail it would be convenient if d-i could do this as I usually have d-i disks laying around :) Switch to the second console. cat /dev/null /dev/sda Go get lunch. Well that is not sufficient. Doing this the date can still be reconstructed. There have been multiple challenges to data reconstructing firms to actualy demonstrate they can reconstruct a disk after a single overwrite. None of them have been answered ttbom. So your claim remains theoretical. Interesting. Good to hear that, to be more sceptical towards the propaganda by the recovery companies. It would be interesting if you could post the link to this information. I think the last one was on slashdot last year. Strangely that governments have those standards to erase discs several times. - Theoretically you can get information back after a single overwrite. - There is a difference between possible and practical/affordable. - The companies claim they can do it. - Them not taking up the challenge does not proove they can't do it. But it makes me wonder why NONE have tried to grab the publicity winning such a challenge would bring. What a coincident. I just found this [1]. Thanks, Paul [1] http://sansforensics.wordpress.com/2009/01/15/overwriting-hard-drive-data/ signature.asc Description: Dies ist ein digital signierter Nachrichtenteil
Bug#392480: debian-installer: add support for cleaning hard drives
Matt Taggart tagg...@debian.org writes: Well this assumption (to encrypt the disc afterward) is not necessarily valid. A company is giving away computers to a school or for use for children, where no encryption is needed. They require you to wipe the drive. (Ok, they should do it themselves to be on the safe side of things, but in reality things are different.) BTW something like Dan's Boot and Nuke is an option for this case too. But like I said in a previous mail it would be convenient if d-i could do this as I usually have d-i disks laying around :) Switch to the second console. cat /dev/null /dev/sda Go get lunch. If such a udeb exists and the additional option is too much work, could you please point me to a howto where the handling of udeb-files is described, so I can unpack it manually. BTW, not a udeb but I did publish instructions on how to use shred http://lackof.org/taggart/hacking/d-i-tricks/#shred MfG Goswin -- To UNSUBSCRIBE, email to debian-boot-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#392480: debian-installer: add support for cleaning hard drives
Am Mittwoch, den 11.03.2009, 11:08 +0100 schrieb Goswin von Brederlow: Matt Taggart tagg...@debian.org writes: Well this assumption (to encrypt the disc afterward) is not necessarily valid. A company is giving away computers to a school or for use for children, where no encryption is needed. They require you to wipe the drive. (Ok, they should do it themselves to be on the safe side of things, but in reality things are different.) BTW something like Dan's Boot and Nuke is an option for this case too. But like I said in a previous mail it would be convenient if d-i could do this as I usually have d-i disks laying around :) Switch to the second console. cat /dev/null /dev/sda Go get lunch. Well that is not sufficient. Doing this the date can still be reconstructed. If such a udeb exists and the additional option is too much work, could you please point me to a howto where the handling of udeb-files is described, so I can unpack it manually. BTW, not a udeb but I did publish instructions on how to use shred http://lackof.org/taggart/hacking/d-i-tricks/#shred Thanks, Paul signature.asc Description: Dies ist ein digital signierter Nachrichtenteil
Bug#392480: debian-installer: add support for cleaning hard drives
Paul Menzel pm.deb...@googlemail.com writes: Am Mittwoch, den 11.03.2009, 11:08 +0100 schrieb Goswin von Brederlow: Matt Taggart tagg...@debian.org writes: Well this assumption (to encrypt the disc afterward) is not necessarily valid. A company is giving away computers to a school or for use for children, where no encryption is needed. They require you to wipe the drive. (Ok, they should do it themselves to be on the safe side of things, but in reality things are different.) BTW something like Dan's Boot and Nuke is an option for this case too. But like I said in a previous mail it would be convenient if d-i could do this as I usually have d-i disks laying around :) Switch to the second console. cat /dev/null /dev/sda Go get lunch. Well that is not sufficient. Doing this the date can still be reconstructed. There have been multiple challenges to data reconstructing firms to actualy demonstrate they can reconstruct a disk after a single overwrite. None of them have been answered ttbom. So your claim remains theoretical. If you really are that paranoid then use /dev/(u)random multiple times. If such a udeb exists and the additional option is too much work, could you please point me to a howto where the handling of udeb-files is described, so I can unpack it manually. BTW, not a udeb but I did publish instructions on how to use shred http://lackof.org/taggart/hacking/d-i-tricks/#shred Thanks, Paul MfG Goswin -- To UNSUBSCRIBE, email to debian-boot-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#392480: debian-installer: add support for cleaning hard drives
Am Mittwoch, den 11.03.2009, 14:53 +0100 schrieb Goswin von Brederlow: Paul Menzel pm.deb...@googlemail.com writes: Am Mittwoch, den 11.03.2009, 11:08 +0100 schrieb Goswin von Brederlow: Matt Taggart tagg...@debian.org writes: Well this assumption (to encrypt the disc afterward) is not necessarily valid. A company is giving away computers to a school or for use for children, where no encryption is needed. They require you to wipe the drive. (Ok, they should do it themselves to be on the safe side of things, but in reality things are different.) BTW something like Dan's Boot and Nuke is an option for this case too. But like I said in a previous mail it would be convenient if d-i could do this as I usually have d-i disks laying around :) Switch to the second console. cat /dev/null /dev/sda Go get lunch. Well that is not sufficient. Doing this the date can still be reconstructed. There have been multiple challenges to data reconstructing firms to actualy demonstrate they can reconstruct a disk after a single overwrite. None of them have been answered ttbom. So your claim remains theoretical. Interesting. Good to hear that, to be more sceptical towards the propaganda by the recovery companies. It would be interesting if you could post the link to this information. Strangely that governments have those standards to erase discs several times. If you really are that paranoid then use /dev/(u)random multiple times. If such a udeb exists and the additional option is too much work, could you please point me to a howto where the handling of udeb-files is described, so I can unpack it manually. BTW, not a udeb but I did publish instructions on how to use shred http://lackof.org/taggart/hacking/d-i-tricks/#shred Thanks, Paul signature.asc Description: Dies ist ein digital signierter Nachrichtenteil
Bug#392480: debian-installer: add support for cleaning hard drives
Paul Menzel pm.deb...@googlemail.com writes: Am Mittwoch, den 11.03.2009, 14:53 +0100 schrieb Goswin von Brederlow: Paul Menzel pm.deb...@googlemail.com writes: Am Mittwoch, den 11.03.2009, 11:08 +0100 schrieb Goswin von Brederlow: Matt Taggart tagg...@debian.org writes: Well this assumption (to encrypt the disc afterward) is not necessarily valid. A company is giving away computers to a school or for use for children, where no encryption is needed. They require you to wipe the drive. (Ok, they should do it themselves to be on the safe side of things, but in reality things are different.) BTW something like Dan's Boot and Nuke is an option for this case too. But like I said in a previous mail it would be convenient if d-i could do this as I usually have d-i disks laying around :) Switch to the second console. cat /dev/null /dev/sda Go get lunch. Well that is not sufficient. Doing this the date can still be reconstructed. There have been multiple challenges to data reconstructing firms to actualy demonstrate they can reconstruct a disk after a single overwrite. None of them have been answered ttbom. So your claim remains theoretical. Interesting. Good to hear that, to be more sceptical towards the propaganda by the recovery companies. It would be interesting if you could post the link to this information. I think the last one was on slashdot last year. Strangely that governments have those standards to erase discs several times. - Theoretically you can get information back after a single overwrite. - There is a difference between possible and practical/affordable. - The companies claim they can do it. - Them not taking up the challenge does not proove they can't do it. But it makes me wonder why NONE have tried to grab the publicity winning such a challenge would bring. MfG Goswin -- To UNSUBSCRIBE, email to debian-boot-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#392480: debian-installer: add support for cleaning hard drives
found 392480 64 thanks Dear Debian folks, Am Sonntag, den 15.10.2006, 02:03 +0200 schrieb David Härdeman: On Wed, Oct 11, 2006 at 03:27:13PM -0700, Matt Taggart wrote: I would like to see the ability to clean hard disks (by securely overwriting all blocks) added to debian-installer. When I reuse a hard disk (or before I get rid of one), before I install I like to clean all data off the drive by overwriting it. My reasons for doing so are, 1.) There may be sensitive data still on the disk, that if someone compromised the system or physically obtained the disk (especially in the case of laptops) they might be able to collect. It is good to start from a known clean state knowing that only the data you put on the drive is there and you can take precautions to protect it. 2.) If a system is compromised (either by an attacker, a user error, or a partial drive failure), any remnants of old data will hinder any forensics analysis of the drive. If you are starting from a state of known contents (all the blocks set to a particular pattern or at least random) then you can find deleted logs/files/etc. The ability to do this is becoming increasing more important as we are beginning to see with the problems of large companies/institutions losing people's personal data and the resulting identity theft and fraud. This could be a neat feature that Debian introduces first. If you are concerned with the safety of your personal data being left from a previous installation, I assume you're also (and even more so) worried about your personal data being kept safe in the new installation? If so, I'd assume that you'd do an install to an encrypted partition...and if you do, debian-installer (or partman-crypto to be more precise) will already wipe the disk with one round of random data. That should be sufficient for anything but the worst tin foil hat scenarios. Well this assumption (to encrypt the disc afterward) is not necessarily valid. A company is giving away computers to a school or for use for children, where no encryption is needed. They require you to wipe the drive. (Ok, they should do it themselves to be on the safe side of things, but in reality things are different.) So it would be nice, if such an option in expert mode could be given. I thought I found something on the WWW, where it said that there is already an udeb for wipe. But I cannot find it anymore. If such a udeb exists and the additional option is too much work, could you please point me to a howto where the handling of udeb-files is described, so I can unpack it manually. Thanks a lot, Paul signature.asc Description: Dies ist ein digital signierter Nachrichtenteil
Processed: Re: Bug#392480: debian-installer: add support for cleaning hard drives
Processing commands for cont...@bugs.debian.org: found 392480 64 Bug#392480: debian-installer: add support for cleaning hard drives Bug marked as found in version 64. thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to debian-boot-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#392480: debian-installer: add support for cleaning hard drives
Well this assumption (to encrypt the disc afterward) is not necessarily valid. A company is giving away computers to a school or for use for children, where no encryption is needed. They require you to wipe the drive. (Ok, they should do it themselves to be on the safe side of things, but in reality things are different.) BTW something like Dan's Boot and Nuke is an option for this case too. But like I said in a previous mail it would be convenient if d-i could do this as I usually have d-i disks laying around :) If such a udeb exists and the additional option is too much work, could you please point me to a howto where the handling of udeb-files is described, so I can unpack it manually. BTW, not a udeb but I did publish instructions on how to use shred http://lackof.org/taggart/hacking/d-i-tricks/#shred -- Matt Taggart tagg...@debian.org -- To UNSUBSCRIBE, email to debian-boot-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: Re: Bug#392480: debian-installer: add support for cleaning hard drives
Processing commands for [EMAIL PROTECTED]: reassign 392480 partman-partitioning Bug#392480: debian-installer: add support for cleaning hard drives Bug reassigned from package `debian-installer' to `partman-partitioning'. thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#392480: debian-installer: add support for cleaning hard drives
David =?iso-8859-1?Q?H=E4rdeman?= writes... If you are concerned with the safety of your personal data being left from a previous installation, I assume you're also (and even more so) worried about your personal data being kept safe in the new installation? If so, I'd assume that you'd do an install to an encrypted partition...and if you do, debian-installer (or partman-crypto to be more precise) will already wipe the disk with one round of random data. That should be sufficient for anything but the worst tin foil hat scenarios. I recently discovered that Peter Gutmann added an Epilogue to his original paper, http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html (search for Epilogue) or reprinted at http://www.forensicswiki.org/wiki/Epilogue_to_Gutmann's_1996_paper in it he explains that with modern drives, a few passes of random data is the best you can hope to do. I think your suggestion of using partman-crypto to wipe the disk with one round of random data is probably OK. I haven't tried using it yet, can you do this step without also creating a new crypto filesystem on the disk as well? Ideally you could just do the wipe only so if you were just trying to clean the disk you could stop there and not bother to put anything else on it(for cleanliness reasons, not because of the time/cpu it takes to generate the new filesystem). So I consider the wishlist to be able to wipe the disk closed, but I'd like to be able to do it without also creating a new filesystem if possible (this could be in expert mode of course). Thanks, -- Matt Taggart [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#392480: debian-installer: add support for cleaning hard drives
On Wed, Oct 11, 2006 at 03:27:13PM -0700, Matt Taggart wrote: I would like to see the ability to clean hard disks (by securely overwriting all blocks) added to debian-installer. When I reuse a hard disk (or before I get rid of one), before I install I like to clean all data off the drive by overwriting it. My reasons for doing so are, 1.) There may be sensitive data still on the disk, that if someone compromised the system or physically obtained the disk (especially in the case of laptops) they might be able to collect. It is good to start from a known clean state knowing that only the data you put on the drive is there and you can take precautions to protect it. 2.) If a system is compromised (either by an attacker, a user error, or a partial drive failure), any remnants of old data will hinder any forensics analysis of the drive. If you are starting from a state of known contents (all the blocks set to a particular pattern or at least random) then you can find deleted logs/files/etc. The ability to do this is becoming increasing more important as we are beginning to see with the problems of large companies/institutions losing people's personal data and the resulting identity theft and fraud. This could be a neat feature that Debian introduces first. If you are concerned with the safety of your personal data being left from a previous installation, I assume you're also (and even more so) worried about your personal data being kept safe in the new installation? If so, I'd assume that you'd do an install to an encrypted partition...and if you do, debian-installer (or partman-crypto to be more precise) will already wipe the disk with one round of random data. That should be sufficient for anything but the worst tin foil hat scenarios. -- David Härdeman
Bug#392480: debian-installer: add support for cleaning hard drives
Package: debian-installer Version: 20061011 Severity: wishlist I would like to see the ability to clean hard disks (by securely overwriting all blocks) added to debian-installer. When I reuse a hard disk (or before I get rid of one), before I install I like to clean all data off the drive by overwriting it. My reasons for doing so are, 1.) There may be sensitive data still on the disk, that if someone compromised the system or physically obtained the disk (especially in the case of laptops) they might be able to collect. It is good to start from a known clean state knowing that only the data you put on the drive is there and you can take precautions to protect it. 2.) If a system is compromised (either by an attacker, a user error, or a partial drive failure), any remnants of old data will hinder any forensics analysis of the drive. If you are starting from a state of known contents (all the blocks set to a particular pattern or at least random) then you can find deleted logs/files/etc. The ability to do this is becoming increasing more important as we are beginning to see with the problems of large companies/institutions losing people's personal data and the resulting identity theft and fraud. This could be a neat feature that Debian introduces first. I recently did some searches to determine the best way of doing this. While a simple dd might work for most cases, I had heard that some attackers currently have the ability to read up seven writes back, so I thought there might be a better way. Most things I found while searching cited a canonical paper, Secure Deletion of Data from Magnetic and Solid-State Memory Peter Gutmann [EMAIL PROTECTED] https://www.usenix.org/publications/library/proceedings/sec96/full_papers/gutma nn/ There are also some government standards for wiping disks, American DoD 5220-22.M ( http://www.dss.mil/isec/nispom_0195.htm ) Canadian RCMP TSSIT OPS-II I found a few good solutions available in Debian already * shred - part of coreutils package, doesn't mention the Gutmann paper, but seems to use a similar technique. * wipe - Uses the techiniques recommended by Gutmann, read the man page for fun, it's pretty tin-foil-hat which frankly is how I like my security tools authors :) Just for those interested a few additional data points, * Darik's Boot and Nuke is a bootable iso that supports all the best methods of doing this. http://dban.sourceforge.net/ * MacOSX includes a secure deletion utility called srm. Their recycle basket desktop feature has the ability to do a secure empty I have been using d-i to do this already by bringing up the network and then dropping to a shell and wget'ing shred. Then I run something like, ./shred -v -u -n 10 /dev/sda That takes maybe an hour for an 18gb u160 10k rpm scsi disk and scales linearly as you go up (ie 4x that for a 72gb disk). If the machine has multiple disks I run several of them in parallel, and that seems to run in the same time it takes one (ie they are disk bound). I think this feature could be really useful for a lot of people, although probably only available in expert mode. What do you think? Thanks, -- Matt Taggart [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]