Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Hard Drive data security

from [Atom 'Smasher'] Network Security [Permanent Link]
Subject: Re: Hard Drive data security
Date: Thu, 30 Sep 2004 15:28:05 -0400 (EDT) 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

I have a question about hard drive data security. The hard drive on my notebook is failing and Dell is going to replace it. They are going to take the old one with them. How can I securely remove the data from the hard drive? 
=========================

there are several ways to do this, some good, some bad... i'm not going to attempt to cover all of the possibilities; i'll just mention what i'd do (i consider it to be good)... this assumes you're in a *nix environment.

install the drive on a computer that's running some flavor of *nix. don't mount the drive. let's say, hypothetically, the system sees at /dev/hd2. one way to write random garbage to the disk is:
cat /dev/urandom > /dev/hd2

this will probably take a while and may slow everything down, but it's thoroughly wiping the disk.

repeat as necessary, based on what you perceive your threat model to be. if you're concerned about the drive showing up on ebay or a garage sale, wiping it once or twice should be fine. if you're concerned that a govt spy agency is taking interest in your data, wipe at least seven times.

i will point out the urandom is a CSPRNG, not a ~true~ RNG. this may be a concern to some in the tin-foil-hat crowd, and can be solved with:
tail -f /dev/random > /dev/hd2

but that will take a *really* *long* time to fill up a disk.


        ...atom

 _________________________________________
 PGP key - http://atom.smasher.org/pgp.txt
 762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
 -------------------------------------------------

        "The World Bank, IMF, and private banks have consistently
         lavished huge sums on terror regimes, following their
         displacement of democratic governments, and a number of
         quantitative studies have shown a systematic positive
         relationship between U.S. and IMF/World Bank aid to
         countries and their violations of human rights."
                -- Edward S. Herman, economist,
                U.S. media and foreign policy critic,
                author of 'The Real Terror Network'
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.3.6 (FreeBSD)
Comment: What is this gibberish?
Comment: http://atom.smasher.org/links/#digital_signatures

iQEcBAEBCAAGBQJBXF5VAAoJEAx/d+cTpVciiPIH/3UuIwIJ9buAP9NSpiXTe+52
5RZe5HZbwiAE1vO/lULcDlbdQPolLaLJ8KKmgyTR21hU0l5TiJW5f9U0cCHgTpcQ
qSPHer1Jr9REGyfGaz/VUQn4Z0hk0bh1mnqDxmB8hNRrhJ82T9E8G3hi1YYwHg0X
5/fEGyBBuWmibxMrMU0D3PMgoQD6YYFJ0z8T7/ID1c3N6JDpIiil/WfiWwaultol
KEPkj1aOgpImpX4XSE+SFkPHAIPtelyN79X0Bb2vikHm1pDC5v/CRUjqhsxSCbwm
FU2AGlrwXjp2Hk2s89QcfcrsYiWa9AUud6rgq4OGW8ZPHUFsuYSWvinBP0Ly/84=
=XEid
-----END PGP SIGNATURE-----

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Client End Firewalls, David Parsons
Next by Date:  Re: Qs Regarding DNS, xyberpix
Previous by Thread:  Hard Drive data security, Paul Kurczaba
Next by Thread:  Re: Hard Drive data security, Paul O'Malley
Indexes:  [Date] [Thread] [Top] [All Lists]