Security Basics mailing list archives

Re: Wiping a drive: /dev/zero or /dev/urandom better?


From: Adriel Desautels <adriel () netragard com>
Date: Tue, 14 Oct 2008 11:39:50 -0400

Use DBAN, it works wonders.

Regards,
        Adriel T. Desautels
        Chief Technology Officer
        Netragard, LLC.

JW wrote:
I've got a theoretical question: when wiping a drive (I'm talking about Linux 
here), which of the following is more: fill the drive with data 
from /dev/zero or /dev/urandom?

I ask because I often see people suggest something like the following for 
wiping disks:

cat /dev/zero > /dev/hda

(and of course do it multiple times)

I got to thinking that (if you are really paranoid) it would probably be 
easier for "the bad guy" to recover original data if you use /dev/zero 
because it's so uniform, the "bad guy" can just look for anything other than 
zeros - if it's not zero, it's data.

Which would imply that overwriting the data with /dev/urandom or /dev/random 
would be more secure.

But I don't know enough about the internals of hard drives to know if it 
really matters or not.

For clarity I'll point out that I'm not talking about wiping files in the 
filesystem, I'm talking about wiping whole disks - I guess you'd say "at the 
block level".

What do the resident experts here think? 

      JW
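
The property raised in the question, that after a zero pass anything non-zero is data, is also what makes a zero pass easy to verify. The script below is an added example, not part of the original thread: it zero-fills a target and counts the non-zero bytes left behind. The function names and the temporary image file are constructed for illustration, and it assumes `head -c`, `dd`, `tr` and (for block devices) `blockdev` are available.

```sh
#!/bin/sh
# Added example (not from the thread): zero-fill a target, then verify the pass.
# Demonstrated on a constructed image file; a block device path is handled the same way.

# target_size PATH: size in bytes of a regular file or block device.
target_size() {
    if [ -b "$1" ]; then
        blockdev --getsize64 "$1"
    else
        wc -c < "$1" | tr -d ' '
    fi
}

# zero_fill PATH: overwrite every byte of PATH with zeros, keeping its length.
zero_fill() {
    _size=$(target_size "$1") || return 1
    head -c "$_size" /dev/zero | dd of="$1" bs=65536 conv=notrunc 2>/dev/null || return 1
    sync   # flush the page cache so the verification reflects what was written out
}

# residual_bytes PATH: count of non-zero bytes on PATH (0 means the pass is complete).
residual_bytes() {
    LC_ALL=C tr -d '\000' < "$1" | wc -c | tr -d ' '
}

# make_sample_image PATH: constructed 256 KiB "disk" holding a recognisable marker.
make_sample_image() {
    head -c 262144 /dev/urandom > "$1"
    printf 'CONSTRUCTED-SECRET' | dd of="$1" bs=1 seek=4096 conv=notrunc 2>/dev/null
}

# demo: wipe a throwaway image and report the residue before and after.
demo() {
    _img=$(mktemp) || return 1
    make_sample_image "$_img"
    echo "before: $(residual_bytes "$_img") non-zero bytes"
    zero_fill "$_img"
    echo "after:  $(residual_bytes "$_img") non-zero bytes"
    rm -f "$_img"
}

demo
```

A pass from /dev/urandom cannot be checked by inspection like this, because the expected content is not known afterwards. Neither kind of pass reaches sectors the drive has remapped or hidden from the operating system.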

