Inquiry:How to totally wipe out the entire hard drive

[Mark Allums]

Florian Kulzer wrote:

On Fri, Sep 11, 2009 at 23:56:47 -0400, Napoleon wrote:

Which actually proves nothing at all.


I have Karl Popper on the phone for you; he sounds extremely bored.


   It is only their opinion that
it cannot be done.


Wright et al. have empirical evidence supporting their conclusions.


But then if they had the equipment to do it,
they wouldn't be allowed to publish a paper on it.

Governments (including the U.S. government) have equipment far
surpassing anything publicly available (and discussable).


Maybe that is exactly what "they" want you to think...




I'm entering this late, and probably futilely, but wiping a hard drive
can be done.  It simply requires equipment that only the drive
manufacturers have.

Rather than wipe, destroy.  Drill several holes through the platters,
break the circuit boards, and submerge and drown the drive for a week or
two in a brine.

Not environmentally friendly, but effective.

May I ask, Why?  Got something to hide?

Mark Allums



--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: Inquiry:How to totally wipe out the entire hard drive

[Lee Winter]

On Sat, Sep 12, 2009 at 6:36 PM, Florian Kulzer
 wrote:

> On Fri, Sep 11, 2009 at 23:56:47 -0400, Napoleon wrote:

>> It is only their opinion that it cannot be done.

> Wright et al. have empirical evidence supporting their conclusions.

No they do not.

This key to this issue is that when one consults an expert, no matter
how many credentials they have, one must consider their statements
critically.

An expert (or even a nuby/amatur) who claims "I know how to do this"
should get the benefit of the doubt and be believed.  Similarly, an
expert who says "I do not know how to do this" should also be
believed.  If they say "I have tried many ways to do this and found
none that works" they should be believed and probably consulted as to
how to not accomplish the goal.

But if they say "I know that it is not possible for anyone to do this"
then they do not deserve the benefit of the doubt.  They have to
provide a proof.  Now if they can elaborate by saying "the laws of the
universe prohibit anyone from doing this" and can provide a valid
proof then they should be believed.

But the authorities you quote do not have such a proof.  In fact they
do not even have any evidence.  What they have is an opinion as to the
difficulty of reaching the goal, about which they should be believed.

Please do not confuse "that is hard" with "that is impossible".

Meditatively,

Lee Winter
NP Engineering
Nashua, New Hampshire


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: Inquiry:How to totally wipe out the entire hard drive

[Florian Kulzer]

On Fri, Sep 11, 2009 at 23:56:47 -0400, Napoleon wrote:
> Which actually proves nothing at all.

I have Karl Popper on the phone for you; he sounds extremely bored.

>It is only their opinion that
> it cannot be done.

Wright et al. have empirical evidence supporting their conclusions.

> But then if they had the equipment to do it,
> they wouldn't be allowed to publish a paper on it.
> 
> Governments (including the U.S. government) have equipment far
> surpassing anything publicly available (and discussable).

Maybe that is exactly what "they" want you to think...

-- 
Regards,| http://users.icfo.es/Florian.Kulzer
  Florian   |


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: Inquiry:How to totally wipe out the entire hard drive

[Napoleon]

Which actually proves nothing at all.  It is only their opinion that it 
cannot be done.  But then if they had the equipment to do it, they 
wouldn't be allowed to publish a paper on it.


Governments (including the U.S. government) have equipment far 
surpassing anything publicly available (and discussable).


Zac Slade wrote:

This time with the attachment... *whiff*


--
Zac Slade
krakr...@gmail.com 



--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: Inquiry:How to totally wipe out the entire hard drive

[Andrei Popescu]

On Mon,07.Sep.09, 05:44:31, Christopher Walters wrote:
 
> However, it is just a guess, but I don't think that anyone here has data
> on their drives that is so sensitive that it would require extreme
> measures to destroy the data (e.g. destroy the drive).  I would think
> that, for most, a simple wipe would be sufficient, since most
> individuals don't have access to an STM or the skills to use it.

Well, my guess is if anyone does have important enough data he should be 
using encrypted storage in the first place. 

Regards,
Andrei
-- 
If you can't explain it simply, you don't understand it well enough.
(Albert Einstein)


signature.asc
Description: Digital signature

Re: Inquiry:How to totally wipe out the entire hard drive

[Christopher Walters]

Lee Winter wrote:
[snip]
>
>   He is pretty well known in the fields of computer security and
> data deletion.  Here is a link to his paper.
>
> http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html
> 
>
>
> Yup, that's the one.
>
> Please read the first paragraph of the section entitled "Epilogue" and
> compare it to the summary I gave above in the last paragraph.  It was
> my intention that they mean the same thing.
>
> In the section entitled "Further Epilogue" he goes on to describe the
> hopelessness of trying to recover info from a modern drive.  That
> section is the target of my comments re the opinion of an expert who
> states he does not know how to accomplish a certain task.  There is
> absolutely nothing wrong with his statement.  There is everything
> wrong with the reader mis-interpreting his statement as evidence or
> proof that the certain task is infeasible.
>
> Case in point.  A couple of years ago one of the major financial
> companies (3rd I think) in NYC was concerned about reducing costs. 
> They run an IT-intensive operation so they recycle machines often. 
> That is expensive.  But a 1-or-2-year-old HD is reasonably valuable. 
> So they wanted to recycle them rather than destroy them.
>
> But they have _extremely_ valuable information on even their desktop
> drives.  Many contain customer information, so, as a fiduciary, any
> preventable leakage would essentially put them out of business.  Other
> drives may contain strategic information either in the form of
> documents or in transaction records. And of course the data-center
> drives are even more valuable.  What's all that information worth? 
> Many zeros.  _Many_.
>
> As an aside, shredding is a popular method of drive destruction.  But
> modern drive densities are so high that even a shred 0.01" square can
> hold valuable data, so physical destruction alone is not sufficient. 
> That may have something to do with the fact that _internal_ gov't
> standards allow only a very few kinds of physical destruction -- i.e.,
> complete to the level of a minimum-sized magnetic domain of the
> particular recording media.  Think acid, thermite, grinding/abrasion, etc.
>
> Given the incredible value of the financial system data, how much is
> it worth to recover it?  The modern recovery process usually has two
> distinct phases, one quite capital- and skill-intensive and one quite
> ordinary.  The first phase is to build a data recovery capability
> (lab).  That takes time, money, and skilled labor.  The second phase
> is operating the recovery lab, which is fairly cheap.  It isn't very
> fast though (meaning long latency, but not meaning low throughput).
>
> Point is that once you have such a capability many unreasonable
> possibilities become quite reasonable.  And industrial espionage is a
> thriving industry.  Just who owns (or more importantly controls) the
> recycling company that hauls away your machines/drives?
>
> Have you ever taken a drive apart, replaced the drive electronics and
> resold it?  People do it all the time.  And if the replacement happens
> to be a much more sophisticated board, you can read lots of things
> that the original drive electronics could not.  If you open the sealed
> module to get at (replace) the HDA you can do a great deal more.  If
> you have serious cash available, like $1e8, you can get a low-level
> image of the platters with an STM and turn a computing cluster loose
> on the image.  That's just an (extremely) advanced form of OCR.  C.f.
> "palimpsest".
>
> Point of this mini-rant is that it is very easy to underestimate
> security threats.  People should resist that tendency.
>
> Disclaimer: I no longer participate in drive recycling, so I'm not
> "selling" anything here.  Just providing a word to the wise.
>
> Lee Winter
> NP Engineering
> Nashua, New Hampshire

Well, it seems like we might agree on this one.  My point is that, just
because an expert (or 'expert') says it is impossible to recover data
from a modern drive does not make it true.  As Mr. Guttman points out,
we only have the standards that are *published* by various governments,
and we all can agree that those published standards don't tell the whole
story, for various reasons.

Only the FBI and those who work for them know what they are *really*
capable of recovering from a wiped hard drive - most of their methods
and capabilities are certainly classified.  The CIA probably has similar
methods, and I assume that other governments around the world have
theirs.  The methods to destroy drives that contain classified data are
also most certainly classified, so a real expert in either area would
not be at liberty to say what they are. 

However, it is just a guess, but I don't think that anyone here has data
on their drives that is so sensitive that it would require extreme
measures to destroy the data (e.g. destroy the drive).  I would think
that, for mo

Re: Inquiry:How to totally wipe out the entire hard drive

[Napoleon]

Sven Joachim wrote:

On 2009-09-06 21:12 +0200, John Hasler wrote:


Napoleon writes:

Overwriting with zeros (or ones) once is not at all secure.  It can
easily be nearly 100% recovered by someone with the necessary
equipment, even more so on a modern drive.

Please provide evidence that anyone has ever done this on a modern
drive.


Jumping into that discussion, here is evidence that this is not possible
with modern drives:

http://www.h-online.com/news/Secure-deletion-a-single-overwrite-will-do-it--/112432

So, anyone who wants to sell his hard disk can just use
"dd if=/dev/zero ..." and be done with it.

Sven




Don't believe everything you read on the internet.  This guy may claim 
to be a forensics expert, and he may claim to be able to do certain 
things.  But he does not have a security clearance (if he did, he 
wouldn't be able to discuss it), and he obviously does not have access 
to some of the equipment available to others.



--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: Inquiry:How to totally wipe out the entire hard drive

[Lee Winter]

On Sun, Sep 6, 2009 at 5:52 PM, Christopher Walters wrote:

>  Lee Winter wrote:
>
> On Sun, Sep 6, 2009 at 3:42 PM, Sven Joachim  wrote:
>
>>  [snip]
>
>  Jumping into that discussion, here is evidence that this is not possible
>> with modern drives:
>>
>>
>> http://www.h-online.com/news/Secure-deletion-a-single-overwrite-will-do-it--/112432
>
>
> No, that it not evidence.  It is an opinion; possibly a very informed
> opinion.  But security issues often require a skeptical perspective.  In
> this case an expert's statement that he does not know how to retrieve info
> from a drive is abolutely worthless in determining whether anyone else knows
> how to retrieve info from a drive.
>
> [snip]
>
>  That will work up to the value of the information being secured.  But
> once the value of the information reaches an upper limit then it becomes
> worthwhile for people to use more sophisticated techniques, and overwriting
> with a constant pattern becomes worthless.
>
> There is a recently revised NIST standard for securing information.  It
> says very little -- propably because the US givernment has an interest in
> lowering other entities security.  The previous versions of that standard
> were a lot more informative and useful.
>
> BTW, no sensible person ever said that 35 passes were necessary and/or
> useful.  A well-informed and well-intentioned expert answered a silly
> question and his answer boils down to the (valid) claim that it is not
> possible for any drive to require more than 35 passes.  The total of 35 was
> obtained by summing all of the possible overwrite techniques for all
> possible drive/recording technologies.  After that many non-sensible people
> claimed that 35 passes was the ne-plus-ultra in disk scribbing, which claim
> is both invalid and stupid.
>
> Lee Winter
> NP Engineering
> Nashua, New Hampshire
>
>
> Not a fan of Peter Guttman, I take it.
>

Incorrect.


>   He is pretty well known in the fields of computer security and data
> deletion.  Here is a link to his paper.
>
> http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html
>
>
Yup, that's the one.

Please read the first paragraph of the section entitled "Epilogue" and
compare it to the summary I gave above in the last paragraph.  It was my
intention that they mean the same thing.

In the section entitled "Further Epilogue" he goes on to describe the
hopelessness of trying to recover info from a modern drive.  That section is
the target of my comments re the opinion of an expert who states he does not
know how to accomplish a certain task.  There is absolutely nothing wrong
with his statement.  There is everything wrong with the reader
mis-interpreting his statement as evidence or proof that the certain task is
infeasible.

Case in point.  A couple of years ago one of the major financial companies
(3rd I think) in NYC was concerned about reducing costs.  They run an
IT-intensive operation so they recycle machines often.  That is expensive.
But a 1-or-2-year-old HD is reasonably valuable.  So they wanted to recycle
them rather than destroy them.

But they have _extremely_ valuable information on even their desktop
drives.  Many contain customer information, so, as a fiduciary, any
preventable leakage would essentially put them out of business.  Other
drives may contain strategic information either in the form of documents or
in transaction records. And of course the data-center drives are even more
valuable.  What's all that information worth?  Many zeros.  _Many_.

As an aside, shredding is a popular method of drive destruction.  But modern
drive densities are so high that even a shred 0.01" square can hold valuable
data, so physical destruction alone is not sufficient.  That may have
something to do with the fact that _internal_ gov't standards allow only a
very few kinds of physical destruction -- i.e., complete to the level of a
minimum-sized magnetic domain of the particular recording media.  Think
acid, thermite, grinding/abrasion, etc.

Given the incredible value of the financial system data, how much is it
worth to recover it?  The modern recovery process usually has two distinct
phases, one quite capital- and skill-intensive and one quite ordinary.  The
first phase is to build a data recovery capability (lab).  That takes time,
money, and skilled labor.  The second phase is operating the recovery lab,
which is fairly cheap.  It isn't very fast though (meaning long latency, but
not meaning low throughput).

Point is that once you have such a capability many unreasonable
possibilities become quite reasonable.  And industrial espionage is a
thriving industry.  Just who owns (or more importantly controls) the
recycling company that hauls away your machines/drives?

Have you ever taken a drive apart, replaced the drive electronics and resold
it?  People do it all the time.  And if the replacement happens to be a much
more sophisticated board, you can read lots 

Re: Inquiry:How to totally wipe out the entire hard drive

[Zac Slade]

On Sun, Sep 6, 2009 at 3:08 PM, Boyd Stephen Smith Jr. <
b...@iguanasuicide.net> wrote:

> In <4aa40ac8.2050...@attglobal.net>, Napoleon wrote:
> >John Hasler wrote:
> >> I wrote:
> >>> If you want to destroy all the data for security purposes install and
> >>> use shred.  It will take quite a while on a large disk.
> >>
> >>> Ron Johnson writes:
>  This really is a myth.
> >>
> >>> What is?
> >>
> >> In actual fact, overwriting with zeros once probably suffices for a
> >> modern drive (but there is the problem of bad blocks...)
> >
> >(Should have gone to the list but I screwed up the first time - sorry).
> >
> >Overwriting with zeros (or ones) once is not at all secure.
>
> This is totally, absolutely a myth.  The 1996 paper used a recovery
> technique
> that doesn't work on modern drives, and admitted that only one random write
> would likely be more than enough to prevent recovery.  More recently,
> actual
> research was done on the topic, and a single-pass, fixed-pattern (all
> zeros)
> was still impossible to recover more than a few bytes from a modern hard
> drive.
>
> Zac, do you have the URL for that paper handy?  I know you sent it out end
> of
> last year or the beginning of this one, but I seem to have misplaced it.
>

Yes I've attached the research paper titled "Overwriting Hard Drive Data:
The Great Wiping Controversy"(PDF) that shows this is only a myth.  These
guys did the work and it's very enlightening.  See the chart on page 10 to
see how impossible it is to recover bits from an overwritten drive.

-- 
Zac Slade
krakr...@gmail.com

Re: Inquiry:How to totally wipe out the entire hard drive

[Christopher Walters]

Lee Winter wrote:
> On Sun, Sep 6, 2009 at 3:42 PM, Sven Joachim  > wrote:
>
[snip]
>
> Jumping into that discussion, here is evidence that this is not
> possible
> with modern drives:
>
> 
> http://www.h-online.com/news/Secure-deletion-a-single-overwrite-will-do-it--/112432
>
>
> No, that it not evidence.  It is an opinion; possibly a very informed
> opinion.  But security issues often require a skeptical perspective. 
> In this case an expert's statement that he does not know how to
> retrieve info from a drive is abolutely worthless in determining
> whether anyone else knows how to retrieve info from a drive.
>  
> [snip]

> That will work up to the value of the information being secured.  But
> once the value of the information reaches an upper limit then it
> becomes worthwhile for people to use more sophisticated techniques,
> and overwriting with a constant pattern becomes worthless.
>
> There is a recently revised NIST standard for securing information. 
> It says very little -- propably because the US givernment has an
> interest in lowering other entities security.  The previous versions
> of that standard were a lot more informative and useful.
>
> BTW, no sensible person ever said that 35 passes were necessary and/or
> useful.  A well-informed and well-intentioned expert answered a silly
> question and his answer boils down to the (valid) claim that it is not
> possible for any drive to require more than 35 passes.  The total of
> 35 was obtained by summing all of the possible overwrite techniques
> for all possible drive/recording technologies.  After that many
> non-sensible people claimed that 35 passes was the ne-plus-ultra in
> disk scribbing, which claim is both invalid and stupid.
>
> Lee Winter
> NP Engineering
> Nashua, New Hampshire

Not a fan of Peter Guttman, I take it.  He is pretty well known in the
fields of computer security and data deletion.  Here is a link to his paper.

http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html


Chris

Re: Inquiry:How to totally wipe out the entire hard drive

[Christopher Walters]

Napoleon wrote:
> John Hasler wrote:
>> I wrote:
>>> If you want to destroy all the data for security purposes install and
>>> use shred.  It will take quite a while on a large disk.
>>
>> Ron Johnson writes:
>>> This really is a myth.
> [snip]
> (Should have gone to the list but I screwed up the first time - sorry).
>
> Overwriting with zeros (or ones) once is not at all secure.  It can
> easily be nearly 100% recovered by someone with the necessary
> equipment,  even more so on a modern drive.
>
> Overwriting multiple times with random data provides higher security.
> Physical destruction of the disk (i.e melting or physically shredding
> the disk) is the only sure-fire security.
I recall this discussion before.  There is a way to eliminate the
contents of a hard disk without physical destruction.  A powerful enough
EMP (electro-magnetic pulse) aimed at the drive would be enough to
permanently erase the contents.  However, I doubt that anyone here has
data on their drives sensitive enough for a government to want it (they
have the equipment to retrieve data, barring physical destruction or EMP). 

Wiping a hard drive is usually enough, if you are going to sell it or
give it away.

Chris


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: Inquiry:How to totally wipe out the entire hard drive

[Boyd Stephen Smith Jr.]

In <4aa40f4c.1050...@attglobal.net>, Napoleon wrote:
>John Hasler wrote:
>> Napoleon writes:
>>> Overwriting with zeros (or ones) once is not at all secure.  It can
>>> easily be nearly 100% recovered by someone with the necessary
>>> equipment, even more so on a modern drive.
>>
>> Please provide evidence that anyone has ever done this on a modern
>> drive.
>>
>> In any case I doubt that the OP has secrets worthy of the attention of
>> people with "the necessary equipment", whatever that may be.
>
>The FBI can do it, for instance.

Do you have any supporting evidence for this statement?

>Some data recovery companies can also
>do it.

Do you have any supporting evidence for this statement?

Both of these parties have the ability to recover physically damaged disk 
better than the average consumer.  Here equipment is valuable, as you can 
replace broken parts that do not contain data.  Also, you can use equipment or 
parts that have different behavior when errors are encountered.

Both of these parties have the ability to undelete files better than the 
average consumer.  Here technical knowledge is valuable, based on how files 
are delete by the OS (hint: the data isn't overwritten at all), and the file 
system journal (and other "global" information) you can often recover files 
that have been deleted.

>I'm sure there are many others who can, even on modern drives.

No, no one can on modern drives.  The research has been done.  For virtually 
all "data loads" on a hard drive a single over-write with zeros is 
irrecoverable.  (If you wrote the same 128-bit pattern over and over across 
and entire 1TiB hard drive, (so, 2^26 copies of the same data) you might be 
able to recover it.)
-- 
Boyd Stephen Smith Jr.   ,= ,-_-. =.
b...@iguanasuicide.net   ((_/)o o(\_))
ICQ: 514984 YM/AIM: DaTwinkDaddy `-'(. .)`-'
http://iguanasuicide.net/\_/



signature.asc
Description: This is a digitally signed message part.

Re: Inquiry:How to totally wipe out the entire hard drive

[Lee Winter]

On Sun, Sep 6, 2009 at 3:42 PM, Sven Joachim  wrote:

> On 2009-09-06 21:12 +0200, John Hasler wrote:
>
> > Napoleon writes:
> >> Overwriting with zeros (or ones) once is not at all secure.  It can
> >> easily be nearly 100% recovered by someone with the necessary
> >> equipment, even more so on a modern drive.
> >
> > Please provide evidence that anyone has ever done this on a modern
> > drive.
>
> Jumping into that discussion, here is evidence that this is not possible
> with modern drives:
>
>
> http://www.h-online.com/news/Secure-deletion-a-single-overwrite-will-do-it--/112432


No, that it not evidence.  It is an opinion; possibly a very informed
opinion.  But security issues often require a skeptical perspective.  In
this case an expert's statement that he does not know how to retrieve info
from a drive is abolutely worthless in determining whether anyone else knows
how to retrieve info from a drive.


>
> 
>
> So, anyone who wants to sell his hard disk can just use
> "dd if=/dev/zero ..." and be done with it.
>

That will work up to the value of the information being secured.  But once
the value of the information reaches an upper limit then it becomes
worthwhile for people to use more sophisticated techniques, and overwriting
with a constant pattern becomes worthless.

There is a recently revised NIST standard for securing information.  It says
very little -- propably because the US givernment has an interest in
lowering other entities security.  The previous versions of that standard
were a lot more informative and useful.

BTW, no sensible person ever said that 35 passes were necessary and/or
useful.  A well-informed and well-intentioned expert answered a silly
question and his answer boils down to the (valid) claim that it is not
possible for any drive to require more than 35 passes.  The total of 35 was
obtained by summing all of the possible overwrite techniques for all
possible drive/recording technologies.  After that many non-sensible people
claimed that 35 passes was the ne-plus-ultra in disk scribbing, which claim
is both invalid and stupid.

Lee Winter
NP Engineering
Nashua, New Hampshire

Re: Inquiry:How to totally wipe out the entire hard drive

[Boyd Stephen Smith Jr.]

In <4aa40ac8.2050...@attglobal.net>, Napoleon wrote:
>John Hasler wrote:
>> I wrote:
>>> If you want to destroy all the data for security purposes install and
>>> use shred.  It will take quite a while on a large disk.
>>
>>> Ron Johnson writes:
 This really is a myth.
>>
>>> What is?
>>
>> In actual fact, overwriting with zeros once probably suffices for a
>> modern drive (but there is the problem of bad blocks...)
>
>(Should have gone to the list but I screwed up the first time - sorry).
>
>Overwriting with zeros (or ones) once is not at all secure.

This is totally, absolutely a myth.  The 1996 paper used a recovery technique 
that doesn't work on modern drives, and admitted that only one random write 
would likely be more than enough to prevent recovery.  More recently, actual 
research was done on the topic, and a single-pass, fixed-pattern (all zeros) 
was still impossible to recover more than a few bytes from a modern hard 
drive.

Zac, do you have the URL for that paper handy?  I know you sent it out end of 
last year or the beginning of this one, but I seem to have misplaced it.
-- 
Boyd Stephen Smith Jr.   ,= ,-_-. =.
b...@iguanasuicide.net   ((_/)o o(\_))
ICQ: 514984 YM/AIM: DaTwinkDaddy `-'(. .)`-'
http://iguanasuicide.net/\_/



signature.asc
Description: This is a digitally signed message part.

Re: Inquiry:How to totally wipe out the entire hard drive

[Napoleon]

John Hasler wrote:

Napoleon writes:

Overwriting with zeros (or ones) once is not at all secure.  It can
easily be nearly 100% recovered by someone with the necessary
equipment, even more so on a modern drive.


Please provide evidence that anyone has ever done this on a modern
drive.

In any case I doubt that the OP has secrets worthy of the attention of
people with "the necessary equipment", whatever that may be.


The FBI can do it, for instance.  Some data recovery companies can also 
do it.  I'm sure there are many others who can, even on modern drives.



--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: Inquiry:How to totally wipe out the entire hard drive

[Sven Joachim]

On 2009-09-06 21:12 +0200, John Hasler wrote:

> Napoleon writes:
>> Overwriting with zeros (or ones) once is not at all secure.  It can
>> easily be nearly 100% recovered by someone with the necessary
>> equipment, even more so on a modern drive.
>
> Please provide evidence that anyone has ever done this on a modern
> drive.

Jumping into that discussion, here is evidence that this is not possible
with modern drives:

http://www.h-online.com/news/Secure-deletion-a-single-overwrite-will-do-it--/112432

So, anyone who wants to sell his hard disk can just use
"dd if=/dev/zero ..." and be done with it.

Sven


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: Inquiry:How to totally wipe out the entire hard drive

[Napoleon]

John Hasler wrote:

I wrote:

If you want to destroy all the data for security purposes install and
use shred.  It will take quite a while on a large disk.


Ron Johnson writes:

This really is a myth.


What is?


So, just run "dd if=/dev/urandom of=..." over it a couple of times.


man shred.  That's essentially what shred does, but it is probably
faster then dd.  Note that you want to shred the device, not the files
or partitions.


In actual fact, overwriting with zeros once probably suffices for a
modern drive (but there is the problem of bad blocks...)


(Should have gone to the list but I screwed up the first time - sorry).

Overwriting with zeros (or ones) once is not at all secure.  It can 
easily be nearly 100% recovered by someone with the necessary equipment, 
 even more so on a modern drive.


Overwriting multiple times with random data provides higher security. 
Physical destruction of the disk (i.e melting or physically shredding 
the disk) is the only sure-fire security.





--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: Inquiry:How to totally wipe out the entire hard drive

[John Hasler]

Napoleon writes:
> Overwriting with zeros (or ones) once is not at all secure.  It can
> easily be nearly 100% recovered by someone with the necessary
> equipment, even more so on a modern drive.

Please provide evidence that anyone has ever done this on a modern
drive.

In any case I doubt that the OP has secrets worthy of the attention of
people with "the necessary equipment", whatever that may be.
-- 
John Hasler 
j...@dhh.gt.org
Elmwood, WI USA


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: Inquiry:How to totally wipe out the entire hard drive

[John Hasler]

Andrew M.A. Cater writes:
> If you want to wipe an entire drive 

> dd if=/dev/urandom of=/dev/sda

Shred can wipe a drive.

> repeated a couple of times if necessary.

And it takes care of the repeats and is faster than dd.
-- 
John Hasler


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

DBAN (was: Inquiry:How to totally wipe out the entire hard drive)

[Lee Winter]

-- Forwarded message --
From: Lee Winter 
Date: Sun, Sep 6, 2009 at 2:21 PM
Subject: Re: Inquiry:How to totally wipe out the entire hard drive
To: "Andrew M.A. Cater" 

On Sun, Sep 6, 2009 at 6:39 AM, Andrew M.A. Cater <
amaca...@galactic.demon.co.uk> wrote:

> Better, by far, is to get hold of a copy of DBAN [floppy image/CD image
> or even Windows .exe] Runs in memory, uses a Linux kernel to bootstrap a
> disk wipe program offering various options.] Using this, you can also
> securely delete hard drives before disposing of a machine / securely
> remove any pre-existing contents on any drives in a machine you acquire.
>

Be careful with DBAN.  It is good, but it has weaknesses.  Among other
things, it will believe the drive electronics even if the data provided is
obviously wrong.  For example, if the drive electronics tells DBAN that your
100GB disk is really a 100MB disk DBAN will happily clean the first 100 MB
and report success.

I do professional drive cleaning (e.g., 100-1000 drive batches) and DBAN is
a good tool.  But it is far from perfect.  So use it carefully.

Lee Winter
NP Engineering
Nashua, New Hampshire

Re: Inquiry:How to totally wipe out the entire hard drive

[Andrew M.A. Cater]

On Sun, Sep 06, 2009 at 11:13:42AM +0100, hadi motamedi wrote:
> Dear All
> Can you please let me know how can I totally wipe out the entire of my hard
> drive under Debian OS ?
> Thank you in advance
> Regards
> H.Motamedi

If you want to wipe out a portion (say the contents of one home 
directory) - perhaps use shred.

apt-get install shred ; shred /home/hmotamedi

If you want to nuke the MBR partition table to reinstall an operating 
system

dd if=/dev/zero of=/dev/sda bs=446 count=2 

[or hda/hdb/sdb or whatever as appropriate for the particular device]

If you want to wipe an entire drive 

dd if=/dev/urandom of=/dev/sda

repeated a couple of times if necessary.

Better, by far, is to get hold of a copy of DBAN [floppy image/CD image 
or even Windows .exe] Runs in memory, uses a Linux kernel to bootstrap a 
disk wipe program offering various options.] Using this, you can also 
securely delete hard drives before disposing of a machine / securely 
remove any pre-existing contents on any drives in a machine you acquire.
It _will_ take a long time, almost certainly longer than you think, even 
if you only do write once with random, once with 1's once with 0's.

All best,

AndyC


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: Inquiry:How to totally wipe out the entire hard drive

[John Hasler]

I wrote:
> If you want to destroy all the data for security purposes install and
> use shred.  It will take quite a while on a large disk.

Ron Johnson writes:
> This really is a myth.

What is?

> So, just run "dd if=/dev/urandom of=..." over it a couple of times.

man shred.  That's essentially what shred does, but it is probably
faster then dd.  Note that you want to shred the device, not the files
or partitions.


In actual fact, overwriting with zeros once probably suffices for a
modern drive (but there is the problem of bad blocks...)
-- 
John Hasler


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: Inquiry:How to totally wipe out the entire hard drive

[Osamu Aoki]

On Sun, Sep 06, 2009 at 11:13:42AM +0100, hadi motamedi wrote:
> Dear All
> Can you please let me know how can I totally wipe out the entire of my
> hard drive under Debian OS ?  Thank you in advance

http://www.debian.org/doc/manuals/debian-reference/ch10.en.html#_erasing_an_entire_hard_disk

10.2.15. Erasing an entire hard disk

There are several ways to completely erase data from an entire hard disk like
device, e.g., USB memory stick at "/dev/sda".

Caution: Check your USB memory stick location with mount(8) first before
executing commands here. The device pointed by "/dev/sda" may be SCSI hard disk
or serial-ATA hard disk where your entire system resides.

Erase all the disk content by resetting data to 0 with the following.

# dd if=/dev/zero of=/dev/sda

Erase all by overwriting random data with the following.

# dd if=/dev/urandom of=/dev/sda

Erase all by overwriting random data very efficiently with the following.

# shred -v -n 1 /dev/sda

Since dd(1) is available from the shell of many bootable Linux CDs such as
Debian installer CD, you can erase your installed system completely by running
an erase command from such media on the system hard disk, e.g., "/dev/hda",
"/dev/sda", etc.


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: Inquiry:How to totally wipe out the entire hard drive

[Ron Johnson]

On 2009-09-06 07:10, John Hasler wrote:

H.Motamedi writes:

Can you please let me know how can I totally wipe out the entire of my
hard drive under Debian OS ?


Depends on what you want to accomplish.  If you merely want to make the
disk appear empty use fdisk to delete all the partitions.  If you want
to destroy all the data for security purposes install and use shred.  It
will take quite a while on a large disk.


This really is a myth.

http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html
From the Epilogue:
For any modern PRML/EPRML drive, a few passes of random
scrubbing is the best you can do. As the paper says, "A
good scrubbing with random data will do about as well as
can be expected". This was true in 1996, and is still true
now.

So, just run "dd if=/dev/urandom of=..." over it a couple of times.

--
Brawndo's got what plants crave.  It's got electrolytes!


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: Inquiry:How to totally wipe out the entire hard drive

[John Hasler]

H.Motamedi writes:
> Can you please let me know how can I totally wipe out the entire of my
> hard drive under Debian OS ?

Depends on what you want to accomplish.  If you merely want to make the
disk appear empty use fdisk to delete all the partitions.  If you want
to destroy all the data for security purposes install and use shred.  It
will take quite a while on a large disk.
-- 
John Hasler


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: Inquiry:How to totally wipe out the entire hard drive

[Ron Johnson]

On 2009-09-06 07:00, Tim Tebbit wrote:

hadi motamedi wrote:

Dear All
Can you please let me know how can I totally wipe out the entire of my
hard drive under Debian OS ?
Thank you in advance
Regards
H.Motamedi
 


wipe
dd
DBAN


This is all you need on modern dives:
  dd bs=1M count=Z if=/dev/urandom of=/dev/sdXY

If the value of this command drops below 200, wiggle the mouse around:
  cat /proc/sys/kernel/random/entropy_avail

--
Brawndo's got what plants crave.  It's got electrolytes!


--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: Inquiry:How to totally wipe out the entire hard drive

[Tzafrir Cohen]

On Sun, Sep 06, 2009 at 11:13:42AM +0100, hadi motamedi wrote:
> Dear All
> Can you please let me know how can I totally wipe out the entire of my hard
> drive under Debian OS ?

What for?

For installing a different OS? (Which one?)

To hide data?

-- 
Tzafrir Cohen | tzaf...@jabber.org | VIM is
http://tzafrir.org.il || a Mutt's
tzaf...@cohens.org.il ||  best
ICQ# 16849754 || friend


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: Inquiry:How to totally wipe out the entire hard drive

[Tim Tebbit]

hadi motamedi wrote:
> Dear All
> Can you please let me know how can I totally wipe out the entire of my
> hard drive under Debian OS ?
> Thank you in advance
> Regards
> H.Motamedi
>  

wipe
dd
DBAN


-- 
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Inquiry:How to totally wipe out the entire hard drive

[hadi motamedi]

Dear All
Can you please let me know how can I totally wipe out the entire of my hard
drive under Debian OS ?
Thank you in advance
Regards
H.Motamedi