[clug] Secure Erase of disks/drives
Alex Satrapa
grail at goldweb.com.au
Mon May 7 00:38:41 GMT 2007
On 03/05/2007, at 11:05 , steve jenkin wrote:
> I was sure there'd been a thread on this in the last few months, but
> couldn't find it...
>
> For any of you needing to zap drives before disposal ...
This has been discussed on this list before in the last couple of
months, and is a recurring theme amongst the nihilistic subscribers
to the CLUG mailing list. Ask Google about articles from the CLUG
list with the word "thermite". It always comes up in these
discussions eg: http://lists.samba.org/archive/linux/2007-March/
017400.html - within two posts someone mentions thermite (if not by
name).
Please read the paper at: http://www.cs.auckland.ac.nz/~pgut001/pubs/
secure_del.html
Most interesting quote from the paper:
"A good scrubbing with random data will do about as well as can be
expected". This was true in 1996, and is still true now.
Though possibly as interesting:
In the time since this paper was published, some people have
treated the 35-pass overwrite technique described in it more as a
kind of voodoo incantation to banish evil spirits than the result
of a technical analysis of drive encoding techniques. As a result,
they advocate applying the voodoo to PRML and EPRML drives even
though it will have no more effect than a simple scrubbing with
random data.
Of course, if you're running a facility where you have to deal with
the decommissioning of decades-old computer systems and have no idea
what encoding mechanism is used, the 35-pass-voodoo might apply -
after all, the people doing the actual "sanitising" of your equipment
are likely to be "trained monkeys" - people from CentreLink's work
for the dole service or some such who have no expertise in sensitive
equipment disposal.
If writing random junk (cat /dev/random > /dev/hda) to the drive
isn't enough to address your security concerns, then you need to go
directly to the one-way Brownian encryption option (ie: grind the
disks to dust, then burn them with Thermite or smelt them) or safe-
storage.
Alex
More information about the linux
mailing list