[142778] in cryptography@c2.net mail archive
RE: [heise online UK] Secure deletion: a single overwrite will do it
daemon@ATHENA.MIT.EDU (Dave Kleiman)
Wed Jan 21 09:27:08 2009
From: "Dave Kleiman" <dave@davekleiman.com>
To: "'Jason'" <jason@lunkwill.org>,
"'Stefan Kelm'" <stefan.kelm@secorvo.de>
Cc: "'Cryptography'" <cryptography@metzdowd.com>
In-Reply-To: <Pine.LNX.4.64.0901202201210.4359@pl2.zayda.com>
Date: Tue, 20 Jan 2009 19:18:39 -0500
On Mon, 19 Jan 2009, Stefan Kelm wrote:
> ...it has to be overwritten completely, sector
> by sector. Although this takes time, it costs nothing: the dd command in
> any Linux distribution will do the job perfectly.
Not quite perfectly, and not nearly as fast as the built-in option (see below).
On Mon, 20 Jan 2009, Jason wrote:
>I agree in general, although you still have to watch out for "reserve tracks"
>(search on this page)....."All hard disks have reserved sectors, which are used automatically by the
>drive logic if there is a defect in the media.":
Yes, the main areas you are referring to are known as the P-List (Primary Defects List – manufacture defect info that does not change) and G-List (Grown Defects Lists – sector relocation table). You can only access the P-List with special commands and tools.
However, you can wipe the G-List area if you do it outside of an OS (or a tool that can access the system area), since the OS knows nothing of these sectors. The easiest (possibly the best because of speed) way to accomplish this in modern ATA hard drives (2001 forward) is with the built-in Secure Erase program. Conveniently placed there for us by Recording Research (CMRR) headed by Gordon Hughes, Associate Director of CMRR, UCSD on the Secure Erase Initiative.
"At the ANSI T-13 Committee meeting in 2004, Gordon described the differences between block erase as described in government document DoD2550 and Secure Erase. Unlike block level erase Secure Erase also overwrites reassigned blocks and can be up to eight times faster (per CMRR tests).
In addition the enhanced SE command qualifies for Federal Government secret data classification erasure."
You can download a DOS-based utility HDDerase that securely erases all data on ATA hard disk drives via the internal secure erase command.
http://cmrr.ucsd.edu/people/Hughes/SecureErase.shtml
And yes, I am the same Dave Kleiman from the paper.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
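Added example, not part of the original message or thread: a drive's built-in erase can only be issued when its ATA Security feature set is supported, unlocked and not frozen. This Python code parses the "Security:" section printed by `hdparm -I` (a Linux tool the message does not mention; the sample text and function names are constructed for illustration) and reports whether the erase command is usable.

```python
import re

# Constructed sample of the "Security:" section printed by `hdparm -I /dev/sdX`.
SAMPLE = """\
Security:
\tMaster password revision code = 65534
\t\tsupported
\tnot\tenabled
\tnot\tlocked
\t\tfrozen
\tnot\texpired: security count
\t\tsupported: enhanced erase
\t2min for SECURITY ERASE UNIT. 8min for ENHANCED SECURITY ERASE UNIT.
Logical Unit WWN Device Identifier: 5000000000000000
"""

FLAGS = ("supported", "enabled", "locked", "frozen",
         "expired: security count", "supported: enhanced erase")

def parse_security(text):
    """Return the ATA Security state as a dict of booleans and erase times."""
    state, in_section = {}, False
    for line in text.splitlines():
        if not in_section:
            in_section = line.startswith("Security:")
            continue
        if not line[:1].isspace():   # blank or unindented line ends the section
            break
        words = line.split()
        negated = bool(words) and words[0] == "not"
        rest = " ".join(words[1:] if negated else words)
        if rest in FLAGS:
            state[rest] = not negated
        for mins, enh in re.findall(r"(\d+)min for (ENHANCED )?SECURITY ERASE UNIT", rest):
            state["enhanced_minutes" if enh else "erase_minutes"] = int(mins)
    return state

def erase_readiness(state):
    """Say whether the built-in erase can be issued now, and if not, why."""
    if not state.get("supported"):
        return "unsupported: only an OS-level overwrite is possible, which misses reassigned blocks"
    if state.get("locked"):
        return "blocked: drive is security-locked and must be unlocked first"
    if state.get("frozen"):
        return "blocked: security commands are frozen until the drive is power-cycled"
    mode = "enhanced" if state.get("supported: enhanced erase") else "normal"
    return f"ready: {mode} secure erase available"
```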