View Full Version : Wiping drives
bluetick
April 27th, 2010, 16:24
I sit here wiping the hard drives on computers we've replaced. It's a slow process, I think of shows like CSI and NCIS. It just takes 2 seconds to wipe the drive, but on the next episode they can recover files from 2 years that have been overwritten countless times.
=)
tingo
April 27th, 2010, 16:49
You can always invest in a magnetic eraser ("degaussing (http://en.wikipedia.org/wiki/Degaussing#Degaussing_magnetic_data_storage_media)").
Hopefully you are using DBAN (http://en.wikipedia.org/wiki/DBAN) or something like it to ease the process?
bluetick
April 27th, 2010, 16:56
I'm using bcwipe-total. I'll check into dban.
Ruler2112
April 27th, 2010, 17:01
There's 'artistic license' taken with many of the technological aspects in shows like CSI and NCIS. (I'll never forget the episode where they take a wand and wave it back and forth over a drive's surface and watch a slightly degraded picture pop up on the screen...)
What is your question?
phoenix
April 27th, 2010, 17:01
Drills, hammers, acid, and really really really hot fire work really well to "wipe" a harddrive, and make the data unrecoverable. :)
Otherwise, you have to write out 0s to every sector on disk, then 1s, then random garbage, something like at least 9 times to consider the disk deleted to military specs.
A simple dd if=/dev/random of=/dev/ad0 bs=1M count=10 will wipe a drive such that non-power-users won't be able to read the data. That wipes the MBR and partition table, making the drive appear "unformatted".
fronclynne
April 27th, 2010, 20:31
http://www.thenetworkadministrator.com/breakingComputer.htm
Activity 4: Hard drive defragmentation, etc.
The infra-level repartitioning looks to be just the trick.
graudeejs
April 27th, 2010, 20:49
I'd put geli on those drives and then dd few times....
:D
Now if someone will try to recover, it'll probably notice that it's encrypted, and then might try to decrypt them somehow...., GOOD luck them:D
If I'm going to USA, I'll defiantly do that will all my media, that I will carry, because AFAIK they copy all media, and study it later (I want them to wast time and resources, just to find trash data :D)
Saint0fCloud
April 27th, 2010, 21:03
If I'm going to USA, I'll defiantly do that will all my media, that I will carry, because AFAIK they copy all media, and study it later (I want them to wast time and resources, just to find trash data :D)
Who's they?
graudeejs
April 27th, 2010, 21:10
I dunno, the name of agency, but AFAIK when you travel to USA, you have to give them all media, to be cloned, for later analysis.... (kinda, searching for terrorists <<< the official fairytale story).
Correct me if I'm wrong, Or I've been misinformed (I've read that in news some time ago)
Since I actually haven't been to USA, I don't know exactly,
so I apologize, if I'm wrong
expl
April 27th, 2010, 21:27
I dunno, the name of agency, but AFAIK when you travel to USA, you have to give them all media, to be cloned, for later analysis.... (kinda, searching for terrorists <<< the official fairytale story).
Correct me if I'm wrong, Or I've been misinformed (I've read that in news some time ago)
Since I actually haven't been to USA, I don't know exactly,
so I apologize, if I'm wrong
First time Ive heard about it. I really doubt they do like this, unless they suspect you.
Saint0fCloud
April 27th, 2010, 23:45
I dunno, the name of agency, but AFAIK when you travel to USA, you have to give them all media, to be cloned, for later analysis.... (kinda, searching for terrorists <<< the official fairytale story).
Correct me if I'm wrong, Or I've been misinformed (I've read that in news some time ago)
Since I actually haven't been to USA, I don't know exactly,
so I apologize, if I'm wrong
I have never heard of that happening nor have I seen it in my lifespan of traveling between the United States and Europe multiple times every year. Now technically they do have the right to seize a computer and search it in which case your cryptography won't help at all.
graudeejs
April 27th, 2010, 23:47
I have never heard of that happening nor have I seen it in my lifespan of traveling between the United States and Europe multiple times every year. Now technically they do have the right to seize a computer and search it in which case your cryptography won't help at all.
Not unless I encrypt random trash, just to wast time :D
Anyway, that probably must be it, that they have right... :D Probably news were exaggerated
mix_room
April 28th, 2010, 09:50
Drills, hammers, acid, and really really really hot fire work really well to "wipe" a harddrive, and make the data unrecoverable. :)
Drills and hammers work well if you sufficiently destroy the platters, but just drilling a hole in one platter would still enable someone to disassemble the harddrive, recreate it, and read everything except for the 'data-hole'.
Otherwise, you have to write out 0s to every sector on disk, then 1s, then random garbage, something like at least 9 times to consider the disk deleted to military specs.
Are those the same military specs which allowed the UK military to lose about 15 laptops last year? :\
A simple dd if=/dev/random of=/dev/ad0 bs=1M count=10 will wipe a drive such that non-power-users won't be able to read the data. That wipes the MBR and partition table, making the drive appear "unformatted".
Security by obscurity. Works with people who don't know what they are looking for.
in which case your cryptography won't help at all.
That is exactly when your cryptography will help. As far as I know there are still no laws in the united states which require you to give up your passwords, contrary to ex. the UK.
michaelrmgreen
April 28th, 2010, 10:35
How paranoid are you? If the answer is 'not much' just use dd to write zeros to the whole drive. No one gets data back from that without special tools.
If the answer is 'a lot' then reformatting with a sledge hammer is the way to go.
Ruler2112
April 28th, 2010, 18:53
How paranoid are you? If the answer is 'not much' just use dd to write zeros to the whole drive. No one gets data back from that without special tools.
If the answer is 'a lot' then reformatting with a sledge hammer is the way to go.
I've read reports that modern drives really aren't good for recovering data from after it's had a binary wipe with 0s. The margin areas that the special hardware you refer to read don't retain the magnetic signatures that old drives did because now the tracks are packed so much more closely together.
Belt sander would be better for the truly paranoid. :)
saxon3049
April 29th, 2010, 21:48
A long long time ago I had to totally destroy a set of drives from a server that belonged to a accountancy firm, at the time I was friendly with a guy who owned a car body shop and asked if I could use his sand blaster for a hour, that was one fun hour and the data was totally gone.
But if your are only going to do a software option DBAN is the way to go.
paean
April 30th, 2010, 14:40
I have never heard of that happening nor have I seen it in my lifespan of traveling between the United States and Europe multiple times every year. Now technically they do have the right to seize a computer and search it in which case your cryptography won't help at all.
Unfortunately, this has been happening for a while.
Here's a relatively recent article (http://www.betanews.com/article/DHS-Expect-your-computer-to-be-seized-without-suspicion/1251488759) on it. There's a number of other articles out there, for going in and out of the states (different rules apply). Most of them are geared for laptop users and international travel. Google is your friend.
mix_room
April 30th, 2010, 17:18
Unfortunately, this has been happening for a while.
No, they have the right to seize your computer. That is not the same thing as you having an obligation to hand over EVERY media that crosses the border.
fronclynne
April 30th, 2010, 17:58
Not unless I encrypt random trash, just to wast time :D
The problem with this theory is that if they actually suspect you, and they find encrypted data, they'll probably sit you down in a room and waste your time. Remember, they get paid by the hour to do this.
paean
April 30th, 2010, 18:59
No, they have the right to seize your computer. That is not the same thing as you having an obligation to hand over EVERY media that crosses the border.
The document (http://www.dhs.gov/xlibrary/assets/ice_border_search_electronic_devices.pdf) states they can "search, detain, seize, retain, and share electronic devices, or information contained therein, with or without individualized suspicion, consistent with the guidelines and applicable laws set forth herein".
If _your_ information is correct and can be confirmed it would valuable to many of us. Can you provide a link to government documentation that denies the above document and confirms what you're suggesting?
NB: My apologies to the OP for the topic shift
qsecofr
April 30th, 2010, 23:02
@fronclynne: thats an uncontested point.
I'm still chuckling. :-)
mix_room
May 1st, 2010, 14:08
If _your_ information is correct and can be confirmed it would valuable to many of us. Can you provide a link to government documentation that denies the above document and confirms what you're suggesting?
That is completely consistent with what I am saying. They MAY search you for any reason, that I have never contested, they MAY copy your data and do what ever they want with it. BUT that does NOT mean that YOU HAVE TO hand over your media to them. How long would it take for a 747 arriving in New York to be cleared for customs if every one of the 300+ passengers had to hand over their, on average, 1GB memory stick to be copied, filed etc etc. There is a HUGE difference between their RIGHT to copy your data and your OBLIGATION to hand it over. I don't contest that they can take a piece of media from you, but you don't have to hand over it.
kpedersen
May 1st, 2010, 23:14
I don't contest that they can take a piece of media from you, but you don't have to hand over it.
I don't argue any point because I do not know. But what happens in this situation?
1) They can take a piece of media from you.
2) You don't have to hand it over.
Do you have to get on a plane and go back to your place of origin?
I ask because I am kinda interested in broken systems, not just in the computer world.
DutchDaemon
May 1st, 2010, 23:35
"Hand it over" may mean "volunteer", as in "offer without being asked". Perhaps a translation difficulty here.
Carpetsmoker
May 2nd, 2010, 15:02
Overwriting the drive with zeroes (/dev/zero) once is sufficient for drivers manufactured after 2001-2002, NIST 800-88 covers this as well as some other research.
A simple # dd if=/dev/random of=/dev/ad0 bs=1M count=10
will wipe a drive such that non-power-users won't be able to read the data. That wipes the MBR and partition table, making the drive appear "unformatted".
New drives are typically empty ("zeroes"), not filled with random data.
Drills, hammers, acid, and really really really hot fire work really well to "wipe" a harddrive, and make the data unrecoverable.
I suspect this is actually less secure than overwriting a drive with zeroes, since you might be able to read information from the shattered pieces.
dennylin93
May 2nd, 2010, 15:10
Drills, hammers, acid, and really really really hot fire work really well to "wipe" a harddrive, and make the data unrecoverable.
I suspect this is actually less secure than overwriting a drive with zeroes, since you might be able to read information from the shattered pieces.
Do them both? :e
Carpetsmoker
May 2nd, 2010, 15:25
Why? There is no need.
fronclynne
May 2nd, 2010, 18:58
Indeed, don't store those sorts of images and movies on your HDD and you won't have to hide anything.
phoenix
May 3rd, 2010, 04:49
What pieces? If you melt the drive in acid, there's nothing left but slime. Same for melting the platters. :) No need to wipe it ahead of time. Same if you pound the platters into dust.
fronclynne
May 3rd, 2010, 05:20
I just put a note on my hard drive that says, "I wiped my nose on this" so no-one will touch it.
vBulletin® v3.8.7, Copyright ©2000-2013, vBulletin Solutions, Inc.
0