Is my drive 'really' secure after wiping ?

The place to post if you need help or advice

Moderators: ChrisThornett, LXF moderators

Is my drive 'really' secure after wiping ?

Postby serene » Tue Jan 01, 2013 8:47 pm

Hi.

I usually wipe my drives by;
dcfldd bs=1M if=/dev/zero of=/dev/sda

I tried the 'secure' ATA method, which in theory should wipe the protected areas and bad sectors.

Questiion;
Since dd or dcfldd writes low level zeros directly to the disk, shouldn't it overwrite any and all areas of the drive, including reserved areas ?

I'd rather use dd instead of the ATA method if it acomplishes the same thing.

Thank you.
User avatar
serene
LXF regular
 
Posts: 111
Joined: Sun Jun 19, 2005 12:43 pm

Postby Dutch_Master » Tue Jan 01, 2013 9:09 pm

You need to weigh up the risks against the effort: what info is on the disk and how likely is it the new owner of the disk (assuming you wipe it before flogging it off) is going to try to retrieve any residual info.

If you want it done properly, format the drive for a different filesystem (XFS, ext4, JFS, NTFS, ZFS, (V)FAT) then copy data to it from /dev/null and /dev/random (minimum 5x each), then reformat in a totally different FS and start the copy process again. Use all above file systems in that order. No "quick format", the full conversion!
Dutch_Master
LXF regular
 
Posts: 2459
Joined: Tue Mar 27, 2007 1:49 am

Postby serene » Tue Jan 01, 2013 9:39 pm

Dutch_Master,

Thank you, however this does not address my question.

If hard drives are wiped via my example, will the reserved, protected, and remaped bad sectors/blocks be overwritten ?

Or is the 'only' way to acomplish the above is to use the secure erase method...
https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase

Thank you.
Serene
User avatar
serene
LXF regular
 
Posts: 111
Joined: Sun Jun 19, 2005 12:43 pm

Postby johnhudson » Tue Jan 01, 2013 10:43 pm

For a belt and braces approach try

http://www.sysresccd.org/SystemRescueCd_Homepage

which offers several options which do multiple overwrites to prevent recovery of any data. Read their documentation first if you want an explanation of why single overwrites may not deter a determined cracker.
johnhudson
LXF regular
 
Posts: 883
Joined: Wed Aug 03, 2005 1:37 pm

Postby nelz » Tue Jan 01, 2013 11:06 pm

If you are that concerned about your data, or it really is that sensitive, play safe and destroy the drive.

Not only is a lump hammer more effective than dd, it is a damn sight more therapeutic too :)
"Insanity: doing the same thing over and over again and expecting different results." (Albert Einstein)
User avatar
nelz
Site admin
 
Posts: 8547
Joined: Mon Apr 04, 2005 11:52 am
Location: Warrington, UK

Postby Ram » Wed Jan 02, 2013 1:46 am

nelz wrote:If you are that concerned about your data, or it really is that sensitive, play safe and destroy the drive.

Not only is a lump hammer more effective than dd, it is a damn sight more therapeutic too :)


Or drilling straight through the platters.

lubuntu LXDE 13.10 running on AMD Phenom II*4; ASUS Crosshair III Formula MB; 4 GB Ram.....
User avatar
Ram
LXF regular
 
Posts: 1682
Joined: Thu Apr 07, 2005 9:44 pm
Location: Guisborough

Postby ajgreeny » Wed Jan 02, 2013 11:31 am

There is a lot of apocryphal information that suggests that data can be retrieved from disks that have been overwritten several times, even after using such utilities as DBAN.

Having searched a few months ago, just out of interest, not because I had anything to wipe, it became quickly obvious that the cost of retrieval of anything from a disk that has been overwritten even once with zeros, but better with random data, was exorbitant, and only in the case of high forensic need would it ever be contemplated, and even then would probably fail.

This google search may put your mind at rest, but do your own fuller search if you want to.
http://www.google.co.uk/search?q=data+r ... 40&bih=718
Xubuntu 12.04 user, and loving it!
ajgreeny
LXF regular
 
Posts: 461
Joined: Wed May 10, 2006 8:18 pm
Location: Oxfordshire.

Postby serene » Wed Jan 02, 2013 3:13 pm

A Happy New Year to all.

The question remains unanswered.
'Not' seeking alternative erase methods, recovery, physical destruction, risks.

I am seeking experience with using hard drive ATA Secure Erase command (Wipes all reserved areas including blocks reserved as bad) and is it "The Same" as using dd ?

For example;

dd bs=1M if=/dev/zero of=/dev/sda

vs.

hdparm --user-master u --security-erase NULL /dev/sda

Does anyone have 1st hand experience in determining if dd will wipe all reserved/hidden hard drive areas, including reserved bad blocks ?

Thank you.
Serene
User avatar
serene
LXF regular
 
Posts: 111
Joined: Sun Jun 19, 2005 12:43 pm

Postby Paradigm Shifter » Thu Jan 03, 2013 11:11 am

While I've only found a comment on a blog that mentions it so far, apparently Secure Erase does not touch bad sectors.

ref: (comment three)
http://ultraparanoid.wordpress.com/2007 ... rd-drives/

Happy new year. ;)
User avatar
Paradigm Shifter
 
Posts: 84
Joined: Sat May 19, 2012 12:16 pm

Postby serene » Thu Jan 03, 2013 3:49 pm

Paradigm Shifter,
Nice link.

The link you provided says;
"Summary:
ATA-SE methodology is superior to Block Erase methodology due to ATA-SE’s ability to overwrite bad blocks, due to it’s reduced time demand and due to it’s improved completion feedback."

I have not found a reliable method to overwrite bad blocks.

Using dd interestingly results in the exact amount of wipe time as a secure ATA command.

By the way, if any of you are interested in using the ATA secure erase, the 'Parted Magic' live cd is great... use the "Disk Eraser".
I understand it to wipe all protected areas and reserved bad block areas by using the secure ATA commands, from a nice little GUI.
You can also use hdparm, but the GUI is pretty stress free.

You may want to see how long it will take for a secure erase, remain seated for a 3TB drive (ouch)....
$ hdparm -I /dev/sda | grep -i "enhanced security"
Results for 1TB;
$ 174min for SECURITY ERASE UNIT. 174min for ENHANCED SECURITY ERASE UNIT.

Thanks all... I'll continue research on my own. Some food for thought eh? It would be nice to know eventually if a simple dd will wipe all reserved/hidden areas of a hard drive.

Bye for now.

Cheers.
Serene
User avatar
serene
LXF regular
 
Posts: 111
Joined: Sun Jun 19, 2005 12:43 pm


Return to Help!

Who is online

Users browsing this forum: No registered users and 3 guests