sanitizing disc

Liam Proven lproven at gmail.com
Mon Feb 3 17:00:24 UTC 2014 

On 3 February 2014 03:34, Karl Auer <kauer at biplane.com.au> wrote:
> If you pulverise the platters and shatter the chips

Chips? If we are talking about SSDs then it is all different.

> there is no way to
> recover more than the odd bit or two, and that only if you are lucky and
> at very high cost in time and effort.

Oh, yes, it's expensive, very - but I have seen some amazing
demonstrations. Like, disk platters from a server thrown out of a
moving truck, smashed to pieces by traffic, bits of drive dug out of
farmer's neighbouring fields... 80-85% recovery of all files.

> Whereas any software process by
> definition can only destroy what the drive allows to be destroyed.

It's enough. The stories of bits of "hidden" data are mostly just fairytales.

> DBAN
> does nothing that shred doesn't do in that regard (as far as I can tell
> - happy to be corrected if DBAN takes special technical steps).

> From my reading, and with respect to modern disks, a single overwrite
> with random data is ample protection against anything but an expensive
> and sophisticated attack. If you have data that is so valuable you are
> actually concerned about an expensive and sophisticated attack, you
> should destroy the drive. Shredding it (physically) is a good move,
> especially if the shreds are then widely dispersed. But for all but the
> most obsessively paranoid - or possessed of the most amazingly sensitive
> data - four or five blows with a sledgehammer will do the job just fine.
> And it's MUCH quicker than using DBAN or shred, plus it requires only
> the cheapest of support hardware.

The problem is bigger than this.

The message needs to be broadcast that physical destruction of disks
is NOT secure and does NOT prevent getting the data back. Soft erasure
with overwrite is MORE secure, but the critical thing is, it allows
the disks to be reused. Reuse is a hugely important factor. Ask
charities like ComputerAid.

> Of course, the TRULY obsessive will run DBAN or shed *then* destroy the
> drive :-)

Yes. But this is still wasteful, and it's unnecessary.




-- 
Liam Proven * Profile: http://lproven.livejournal.com/profile
Email: lproven at cix.co.uk * GMail/G+/Twitter/Flickr/Facebook: lproven
MSN: lproven at hotmail.com * Skype/AIM/Yahoo/LinkedIn: liamproven
Tel: +44 20-8685-0498 * Cell: +44 7939-087884

More information about the ubuntu-users mailing list