Security Basics mailing list archives
Re: Wiping a drive: /dev/zero or /dev/urandom better?
From: "Adam Gibbins" <adam.gibbins () gmail com>
Date: Tue, 14 Oct 2008 23:30:52 +0100
Got to agree here, dban would be a far safer option. On 14/10/2008, Weir, Jason <jason.weir () nhrs org> wrote:
Why not use something like DBAN - gives you plenty of options. http://www.dban.org/ -J -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of JW Sent: Monday, October 13, 2008 6:47 PM To: security-basics () securityfocus com Subject: Wiping a drive: /dev/zero or /dev/urandom better? I've got a theoretical question: when wiping a drive (I'm talking about Linux here), which of the following is more: fill the drive with data from /dev/zero or /dev/urandom? I ask because I often see people suggest something like the following for wiping disks: cat /dev/zero > /dev/hda (and of course do it multiple times) I got to thinking that (if you are really paranoid) it would probably be easier for "the bad guy" to recover original data if you use /dev/zero because it's so uniform, the "bad guy" can just look for anything other then zeros - if it's not zero, it's data. Which would imply that overwriting the data with /dev/urandom or /dev/random would be more secure. But I don't know enough about the internals of hard drives to know if it really matters or not. For clarity I'll point out that I'm not talking about wiping files in the filesystem, I'm talking about wiping whole disks - I guess you'd say "at the block level". What do the resident experts here think? JW -- ---------------------- System Administrator - Cedar Creek Software http://www.cedarcreeksoftware.com ________________________________________________________________________ _____________________ Please visit www.nhrs.org to subscribe to NHRS email announcements and updates. _____________________________________________________________________________________________ Please visit www.nhrs.org to subscribe to NHRS email announcements and updates.
Current thread:
- Wiping a drive: /dev/zero or /dev/urandom better? JW (Oct 14)
- RE: Wiping a drive: /dev/zero or /dev/urandom better? Weir, Jason (Oct 14)
- Re: Wiping a drive: /dev/zero or /dev/urandom better? Adam Gibbins (Oct 15)
- Re: Wiping a drive: /dev/zero or /dev/urandom better? Adriel Desautels (Oct 14)
- Re: Wiping a drive: /dev/zero or /dev/urandom better? Craig Wright (Oct 15)
- Re: Wiping a drive: /dev/zero or /dev/urandom better? Craig Wright (Oct 15)
- 51% can be enough Was: Wiping a drive Alexander Klimov (Oct 16)
- RE: 51% can be enough Was: Wiping a drive Olatunji Nowlin (Oct 16)
- RE: 51% can be enough Was: Wiping a drive Murda Mcloud (Oct 16)
- RE: 51% can be enough Was: Wiping a drive Alexander Klimov (Oct 20)
- Re: Wiping a drive: /dev/zero or /dev/urandom better? Craig Wright (Oct 15)
- RE: Wiping a drive: /dev/zero or /dev/urandom better? Weir, Jason (Oct 14)
- Re: Wiping a drive: /dev/zero or /dev/urandom better? Razi Shaban (Oct 16)
- Re: Wiping a drive: /dev/zero or /dev/urandom better? Ansgar Wiechers (Oct 16)