securely wiping drives

Top Page
Attachments:
Message as email
+ (text/plain)
Delete this message
Reply to this message
Author: der.hans
Date:  
To: quatsch
Subject: securely wiping drives
moin moin,

the dban threads have a few good pieces of advice, so I thought I'd throw
them together. I'll also add what I can remember from last month's
discussion on electronics donations since we covered drive wipes there as
well.

@ spinning disks:

use wipe or shred

Todd gave the following command line, be sure to specify the correct disk:

$~ shred -zn10 /dev/sda

As Stephen found out the hard way, dban wipes all drives it can find
including the boot drive.

During the discussion at the meetings encryption came up, someone
suggested a couple of rounds of random data, encrypting the entire drive,
filling the entire encrypted filesystem, then running wipe or shred to
erase the drive. Note that this procedure will take a long time.

@ solid state devices

Todd pointed out the following commands:

$~ hdparm --user-master u --security-set-pass PasSWorD /dev/sda #sets
up security on the drive

$~ hdparm --user-master u --security-erase PasSWorD /dev/sda # the
point of no return delete everything on your SSD drive command

The man page says you can use "the special password NULL to represent
an empty password". After the erase with a password set is the password
still set?

Do we actually need to do the security-erase for spinning disks as well?
All modern drives lie about their size and hide blocks in order to be able
to replace bad blocks rather than failing if a block here or there goes
bad.

ciao,

der.hans
-- 
#  http://www.LuftHans.com/        http://www.PhxLinux.org/
#  "The only thing that interferes with my learning is my education."
#   -- Albert Einstein
---------------------------------------------------
PLUG-discuss mailing list - 
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss