Reformat USB stick with a CD ISO9660 FS
Daniel Mons
daniel.mons at iinet.net.au
Sat Jun 14 08:20:29 BST 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Owen Townend wrote:
> This is overkill here, there is no inherant security or other risk in
> leaving the data unscrubbed. This should be sufficient:
> sudo dd if=/dev/zero of=/dev/sdd bs=512 count=1
Agreed. And it's a heck of a lot quicker.
> The few times I have had to securely destroy data for customers have
> been situations where the data is much more valuable than the hardware
> itself. This opens opportunities for physical destruction.
I work for a few financial/superannuation types who tend to hold
sensitive data (AU Tax File Numbers and US Social Security Numbers,
etc). While not as inherently "valuable" (compared to credit card
numbers and so forth which are more easily abused), there is a certain
government/legal conformance requirement to take all necessary steps to
safely scrub data.
On the topic of hard disk destruction - I've seen good (read: expensive)
data recovery agencies recover data even from laptops that have been in
house fires or car crashes. For a while there, the Australian
government standard was to destroy the disk via a nailgun, but again
even that can be recovered from partially if the data wasn't properly
scrubbed beforehand. Data recovery agencies have many methods of
retrieving data from physical disk platters even if part of the platter
has sustained physical damage.
If you're deadly serious about removing data from drives, a combination
of software like DBAN as well as physical destruction of the hard disk
platters themselves (e.g.: industrial metal shredders) is a good choice.
But without going to the expensive extreme of physical disk destruction,
most data recovery places concede that the 7-pass DoD methods of data
wiping are generally good enough to remove any ability to recover past
data. Even if there is anything left, it's generally not enough to
rebuild whole files or even strings of useful data. It's certainly
enough if you're not worried about the practical ramifications, and only
worried about the legal "tick the boxes" conformance side of things.
- -Dan
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFIU3E9eFJDv0P9Qb8RApnJAJ9dP6qT9EAV/SJAq5x9DYY9yGzzfACfX2M0
cHQlCebJ5dpIJoHFCLkynVY=
=kUk2
-----END PGP SIGNATURE-----
More information about the ubuntu-au
mailing list