Post by jamba on Sept 1, 2009 6:43:24 GMT -5
pthree.org/2009/08/31/scrubbing-hard-disk-data/
Click the link above for the rest
Scrubbing Hard Disk Data
I’ve recently had the opportunity with wiping 13 SCSI drives. The drives are small- 36 and 18 gigabyte drives, and they do contain sensitive data. They will be sent off to a third party for physical destruction, but we need to make sure that the data is completely overwritten on the disk in a secure manner. This means using a utility that can overwrite bit-for-bit on the disk level. Fortunately, there are many utilities for making this possible.
The most popular of these, is DBAN, or Darik’s Boot and Nuke. It comes as a CD or USB image that you boot from, rather than the disk, then choose in a menu which wiping method you wish to choose. Of the choices, there are:
* Quick Erase- One pass, writing nothing but zeroes.
* RCMP TSSIT OPS-II- Eight passes using random writes and compliments on each pass.
* DoD Short- Three pass version of the stronger seven pass below. Each pass is random data written.
* DoD 5220.22-M- Sever passes using random data at each pass.
* Gutmann Wipe- 35 passes across the hard drive as described by security expert Peter Gutmann and Colin Plumb.
* PRNG- Arbitrary number of passes specified by the user using a pseudo random number generator for writing random data on each pass.
For most secure scrubbing purposes, a quick erase is more than good enough. There have been no published papers to date on recovering overwritten date after a single pass. Is that to say it’s not possible? No, of course not. For what it’s worth, all the drives that leave my possession only get a single pass. However, if you or or organization is more paranoid about getting the data off the platters, there are other options available that will do more passes on the drive.
I’ve recently had the opportunity with wiping 13 SCSI drives. The drives are small- 36 and 18 gigabyte drives, and they do contain sensitive data. They will be sent off to a third party for physical destruction, but we need to make sure that the data is completely overwritten on the disk in a secure manner. This means using a utility that can overwrite bit-for-bit on the disk level. Fortunately, there are many utilities for making this possible.
The most popular of these, is DBAN, or Darik’s Boot and Nuke. It comes as a CD or USB image that you boot from, rather than the disk, then choose in a menu which wiping method you wish to choose. Of the choices, there are:
* Quick Erase- One pass, writing nothing but zeroes.
* RCMP TSSIT OPS-II- Eight passes using random writes and compliments on each pass.
* DoD Short- Three pass version of the stronger seven pass below. Each pass is random data written.
* DoD 5220.22-M- Sever passes using random data at each pass.
* Gutmann Wipe- 35 passes across the hard drive as described by security expert Peter Gutmann and Colin Plumb.
* PRNG- Arbitrary number of passes specified by the user using a pseudo random number generator for writing random data on each pass.
For most secure scrubbing purposes, a quick erase is more than good enough. There have been no published papers to date on recovering overwritten date after a single pass. Is that to say it’s not possible? No, of course not. For what it’s worth, all the drives that leave my possession only get a single pass. However, if you or or organization is more paranoid about getting the data off the platters, there are other options available that will do more passes on the drive.
Click the link above for the rest