Security Basics mailing list archives

Re: Hard Drive data security


From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Thu, 7 Oct 2004 11:27:00 +0200

On 2004-10-05 Paris E. Stone wrote:
> I was informed that /dev/null just wrote zeros to the drive and that a
> better way was multiple passes using random:
>
> dd if=/dev/urandom of=/dev/hda

You were informed wrongly (or at least incompletely). A single pass with
zeroes is definitely sufficient if you are addressing data-recovery
software. I have yet to hear of any software-based attack that was
able to uncover any data from a wiped drive, even after wiping with
zeroes in a single pass. If you want to address low-level attacks (like
MFM or something): feed the drive to a shredder.

/dev/null BTW doesn't write anything. It takes any input and discards
it. /dev/zero is the device you read zeroes from.

It makes no real difference whether you use /dev/zero or /dev/urandom,
both of them will do the trick.

> or maybe /dev/random

No need to waste real randomness for overwriting a drive.

Regards
Ansgar Wiechers
-- 
"Those who would give up liberty for a little temporary safety
deserve neither liberty nor safety, and will lose both."
--Benjamin Franklin
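
The difference between the three devices discussed in this message can be checked on a scratch file instead of a drive. This is an added example, not part of the original post; the marker string, image size and function name are constructed for the demonstration.

```shell
#!/bin/sh
# Added illustration: works on a temporary file only, never on a real disk.
MARKER='SECRET-CUSTOMER-RECORD'   # constructed sample data
KIB=256                           # size of the scratch image in KiB

# one_pass SRC
# Fill a scratch image with MARKER lines, overwrite it once with dd reading
# from SRC, then print "<marker lines left> <non-zero bytes left>".
one_pass() {
    img=$(mktemp) || return 1
    yes "$MARKER" | head -c "$((KIB * 1024))" > "$img"
    # conv=notrunc overwrites in place, the way a block device behaves
    # (a regular file would otherwise be truncated before writing).
    dd if="$1" of="$img" bs=1024 count="$KIB" conv=notrunc 2>/dev/null
    # grep -c exits non-zero when the count is 0, hence "|| true"
    left=$(grep -a -c "$MARKER" "$img" || true)
    nonzero=$(tr -d '\000' < "$img" | wc -c | tr -d ' ')
    rm -f "$img"
    echo "$left $nonzero"
}

# /dev/null  : reads return EOF at once, dd writes nothing, data survives
# /dev/zero  : every byte becomes 0x00
# /dev/urandom: every byte is replaced with pseudo-random data
for src in /dev/null /dev/zero /dev/urandom; do
    printf '%-13s marker-lines/non-zero-bytes left: %s\n' "$src" "$(one_pass "$src")"
done
```

On a real drive the same verification idea applies after a zero pass: reading the device back and counting non-zero bytes should give 0.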

