Wiping drives

[bluetick]

I sit here wiping the hard drives on computers we've replaced. It's a slow process, I think of shows like CSI and NCIS. It just takes 2 seconds to wipe the drive, but on the next episode they can recover files from 2 years that have been overwritten countless times.

=)

 

[tingo]

You can always invest in a magnetic eraser ("degaussing").
Hopefully you are using DBAN or something like it to ease the process?

 

[bluetick]

I'm using bcwipe-total. I'll check into dban.

 

[Ruler2112]

There's 'artistic license' taken with many of the technological aspects in shows like CSI and NCIS. (I'll never forget the episode where they take a wand and wave it back and forth over a drive's surface and watch a slightly degraded picture pop up on the screen...)

What is your question?

 

[phoenix]

Drills, hammers, acid, and really really really hot fire work really well to "wipe" a harddrive, and make the data unrecoverable.

Otherwise, you have to write out 0s to every sector on disk, then 1s, then random garbage, something like at least 9 times to consider the disk deleted to military specs.

A simple # dd if=/dev/random of=/dev/ad0 bs=1M count=10 will wipe a drive such that non-power-users won't be able to read the data. That wipes the MBR and partition table, making the drive appear "unformatted".

 

[fronclynne]

http://www.thenetworkadministrator.com/breakingComputer.htm

Activity 4: Hard drive defragmentation, etc.
The infra-level repartitioning looks to be just the trick.

 

[graudeejs]

I'd put geli on those drives and then dd few times....

Now if someone will try to recover, it'll probably notice that it's encrypted, and then might try to decrypt them somehow...., GOOD luck them

If I'm going to USA, I'll defiantly do that will all my media, that I will carry, because AFAIK they copy all media, and study it later (I want them to wast time and resources, just to find trash data )

 

[Saint0fCloud]

If I'm going to USA, I'll defiantly do that will all my media, that I will carry, because AFAIK they copy all media, and study it later (I want them to wast time and resources, just to find trash data )

Who's they?

 

[graudeejs]

I dunno, the name of agency, but AFAIK when you travel to USA, you have to give them all media, to be cloned, for later analysis.... (kinda, searching for terrorists <<< the official fairytale story).

Correct me if I'm wrong, Or I've been misinformed (I've read that in news some time ago)

Since I actually haven't been to USA, I don't know exactly,
so I apologize, if I'm wrong

 

[expl]

I dunno, the name of agency, but AFAIK when you travel to USA, you have to give them all media, to be cloned, for later analysis.... (kinda, searching for terrorists <<< the official fairytale story).

Correct me if I'm wrong, Or I've been misinformed (I've read that in news some time ago)

Since I actually haven't been to USA, I don't know exactly,
so I apologize, if I'm wrong

First time Ive heard about it. I really doubt they do like this, unless they suspect you.

 

[Saint0fCloud]

I dunno, the name of agency, but AFAIK when you travel to USA, you have to give them all media, to be cloned, for later analysis.... (kinda, searching for terrorists <<< the official fairytale story).

Correct me if I'm wrong, Or I've been misinformed (I've read that in news some time ago)

Since I actually haven't been to USA, I don't know exactly,
so I apologize, if I'm wrong

I have never heard of that happening nor have I seen it in my lifespan of traveling between the United States and Europe multiple times every year. Now technically they do have the right to seize a computer and search it in which case your cryptography won't help at all.

 

[graudeejs]

I have never heard of that happening nor have I seen it in my lifespan of traveling between the United States and Europe multiple times every year. Now technically they do have the right to seize a computer and search it in which case your cryptography won't help at all.

Not unless I encrypt random trash, just to wast time
Anyway, that probably must be it, that they have right... Probably news were exaggerated

 

[mix_room]

Drills, hammers, acid, and really really really hot fire work really well to "wipe" a harddrive, and make the data unrecoverable.

Drills and hammers work well if you sufficiently destroy the platters, but just drilling a hole in one platter would still enable someone to disassemble the harddrive, recreate it, and read everything except for the 'data-hole'.

Otherwise, you have to write out 0s to every sector on disk, then 1s, then random garbage, something like at least 9 times to consider the disk deleted to military specs.

Are those the same military specs which allowed the UK military to lose about 15 laptops last year? :\

A simple # dd if=/dev/random of=/dev/ad0 bs=1M count=10 will wipe a drive such that non-power-users won't be able to read the data. That wipes the MBR and partition table, making the drive appear "unformatted".

Security by obscurity. Works with people who don't know what they are looking for.

in which case your cryptography won't help at all.

That is exactly when your cryptography will help. As far as I know there are still no laws in the united states which require you to give up your passwords, contrary to ex. the UK.

 

[michaelrmgreen]

How paranoid are you? If the answer is 'not much' just use dd to write zeros to the whole drive. No one gets data back from that without special tools.

If the answer is 'a lot' then reformatting with a sledge hammer is the way to go.

 

[Ruler2112]

How paranoid are you? If the answer is 'not much' just use dd to write zeros to the whole drive. No one gets data back from that without special tools.

If the answer is 'a lot' then reformatting with a sledge hammer is the way to go.

I've read reports that modern drives really aren't good for recovering data from after it's had a binary wipe with 0s. The margin areas that the special hardware you refer to read don't retain the magnetic signatures that old drives did because now the tracks are packed so much more closely together.

Belt sander would be better for the truly paranoid.

 

[saxon3049]

A long long time ago I had to totally destroy a set of drives from a server that belonged to a accountancy firm, at the time I was friendly with a guy who owned a car body shop and asked if I could use his sand blaster for a hour, that was one fun hour and the data was totally gone.

But if your are only going to do a software option DBAN is the way to go.

 

[paean]

I have never heard of that happening nor have I seen it in my lifespan of traveling between the United States and Europe multiple times every year. Now technically they do have the right to seize a computer and search it in which case your cryptography won't help at all.

Unfortunately, this has been happening for a while.

Here's a relatively recent article on it. There's a number of other articles out there, for going in and out of the states (different rules apply). Most of them are geared for laptop users and international travel. Google is your friend.

 

[mix_room]

Unfortunately, this has been happening for a while.

No, they have the right to seize your computer. That is not the same thing as you having an obligation to hand over EVERY media that crosses the border.

 

[fronclynne]

Not unless I encrypt random trash, just to wast time

The problem with this theory is that if they actually suspect you, and they find encrypted data, they'll probably sit you down in a room and waste your time. Remember, they get paid by the hour to do this.

 

[paean]

No, they have the right to seize your computer. That is not the same thing as you having an obligation to hand over EVERY media that crosses the border.

The document states they can "search, detain, seize, retain, and share electronic devices, or information contained therein, with or without individualized suspicion, consistent with the guidelines and applicable laws set forth herein".

If _your_ information is correct and can be confirmed it would valuable to many of us. Can you provide a link to government documentation that denies the above document and confirms what you're suggesting?

NB: My apologies to the OP for the topic shift

 

[qsecofr]

wasting time

@fronclynne: thats an uncontested point.
I'm still chuckling.

 

[mix_room]

If _your_ information is correct and can be confirmed it would valuable to many of us. Can you provide a link to government documentation that denies the above document and confirms what you're suggesting?

That is completely consistent with what I am saying. They MAY search you for any reason, that I have never contested, they MAY copy your data and do what ever they want with it. BUT that does NOT mean that YOU HAVE TO hand over your media to them. How long would it take for a 747 arriving in New York to be cleared for customs if every one of the 300+ passengers had to hand over their, on average, 1GB memory stick to be copied, filed etc etc. There is a HUGE difference between their RIGHT to copy your data and your OBLIGATION to hand it over. I don't contest that they can take a piece of media from you, but you don't have to hand over it.

 

[kpedersen]

I don't contest that they can take a piece of media from you, but you don't have to hand over it.

I don't argue any point because I do not know. But what happens in this situation?

1) They can take a piece of media from you.
2) You don't have to hand it over.

Do you have to get on a plane and go back to your place of origin?

I ask because I am kinda interested in broken systems, not just in the computer world.

 

[DutchDaemon]

"Hand it over" may mean "volunteer", as in "offer without being asked". Perhaps a translation difficulty here.

 

[arp242]

Overwriting the drive with zeroes (/dev/zero) once is sufficient for drivers manufactured after 2001-2002, NIST 800-88 covers this as well as some other research.

A simple # dd if=/dev/random of=/dev/ad0 bs=1M count=10
will wipe a drive such that non-power-users won't be able to read the data. That wipes the MBR and partition table, making the drive appear "unformatted".

New drives are typically empty ("zeroes"), not filled with random data.

Drills, hammers, acid, and really really really hot fire work really well to "wipe" a harddrive, and make the data unrecoverable.

I suspect this is actually less secure than overwriting a drive with zeroes, since you might be able to read information from the shattered pieces.