Security Basics mailing list archives

Re: Hard Drive data security

From: Atom 'Smasher' <atom () suspicious org>
Date: Thu, 30 Sep 2004 15:28:05 -0400 (EDT)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

I have a question about hard drive data security. The hard drive on mynotebook is failing and Dell is going to replace it. They are going totake the old one with them. How can I securely remove the data from thehard drive?

=========================

there are several ways to do this, some good, some bad... i'm not going toattempt to cover all of the possibilities; i'll just mention what i'd do(i consider it to be good)... this assumes you're in a *nix environment.

install the drive on a computer that's running some flavor of *nix. don'tmount the drive. let's say, hypothetically, the system sees at /dev/hd2.one way to write random garbage to the disk is:

        cat /dev/urandom > /dev/hd2

this will probably take a while and may slow everything down, but it'sthoroughly wiping the disk.

repeat as necessary, based on what you perceive your threat model to be.if you're concerned about the drive showing up on ebay or a garage sale,wiping it once or twice should be fine. if you're concerned that a govtspy agency is taking interest in your data, wipe at least seven times.

i will point out the urandom is a CSPRNG, not a ~true~ RNG. this may be aconcern to some in the tin-foil-hat crowd, and can be solved with:

        tail -f /dev/random > /dev/hd2

but that will take a *really* *long* time to fill up a disk.


        ...atom

 _________________________________________
 PGP key - http://atom.smasher.org/pgp.txt
 762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
 -------------------------------------------------

        "The World Bank, IMF, and private banks have consistently
         lavished huge sums on terror regimes, following their
         displacement of democratic governments, and a number of
         quantitative studies have shown a systematic positive
         relationship between U.S. and IMF/World Bank aid to
         countries and their violations of human rights."
                -- Edward S. Herman, economist,
                U.S. media and foreign policy critic,
                author of 'The Real Terror Network'
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.3.6 (FreeBSD)
Comment: What is this gibberish?
Comment: http://atom.smasher.org/links/#digital_signatures

iQEcBAEBCAAGBQJBXF5VAAoJEAx/d+cTpVciiPIH/3UuIwIJ9buAP9NSpiXTe+52
5RZe5HZbwiAE1vO/lULcDlbdQPolLaLJ8KKmgyTR21hU0l5TiJW5f9U0cCHgTpcQ
qSPHer1Jr9REGyfGaz/VUQn4Z0hk0bh1mnqDxmB8hNRrhJ82T9E8G3hi1YYwHg0X
5/fEGyBBuWmibxMrMU0D3PMgoQD6YYFJ0z8T7/ID1c3N6JDpIiil/WfiWwaultol
KEPkj1aOgpImpX4XSE+SFkPHAIPtelyN79X0Bb2vikHm1pDC5v/CRUjqhsxSCbwm
FU2AGlrwXjp2Hk2s89QcfcrsYiWa9AUud6rgq4OGW8ZPHUFsuYSWvinBP0Ly/84=
=XEid
-----END PGP SIGNATURE-----

Current thread:

Hard Drive data security Paul Kurczaba (Sep 30)
- Re: Hard Drive data security Atom 'Smasher' (Sep 30)
- Re: Hard Drive data security Paul O'Malley (Sep 30)
- Re: Hard Drive data security Jonathan Loh (Sep 30)
- Re: Hard Drive data security Zachary Shay (Sep 30)