Warm soapy water and a clean sponge.... But seriously, destroy the disk if you want it to actually be completely safe from being recovered. Many datacenters and large firms use physical disk shredders. For home use a sledgehammer, magnet, and depositing the pieces into random city rubbish bins is something I have adopted in the past. Apparently an angle grinder was sufficient to satisfy the GCHQ when they had The Guardian destroy hard drives recently, and thining about it, and angle grinder is a great idea - and fun too. In regards to dd, I would run a few of passes, and make one of them if=/dev/random. As stated earlier, altering the bs should help with the speed, but if you though zeroing was slow - wait til you see experience the random write ;) I place a fairly low trust in scrub and shred. I know shred suffers some issues on journaled and raid configurations, and scrub may have the same problems. I guess it depends on your threat model, so rewinding a bit - who are you wanting to prevent accessing your data? This greatly informs the conversation. The methods offered above, and in many of the replies thus far, assume a very sophisticated adversary. Daniel On Mon, Sep 2, 2013 at 5:12 PM, Rohan McLeod <rhn@jeack.com.au> wrote:
Christopher M. Bailey wrote:
On 2013-09-02 15:04, Brett Pemberton wrote:
On Mon, Sep 2, 2013 at 3:02 PM, David Zuccaro <david.zuccaro@optusnet.com.au> wrote:
What is the best way to wash a disk? http://www.dban.org/ [2]
cheers,
/ Brett
_______________________________________________ luv-main mailing list luv-main@luv.asn.au http://lists.luv.asn.au/listinfo/luv-main
[1] Yep dban is what I used to wipe all the branch servers and workstations from NAB a few years back, never had any issues with it Whilst it does state: "...DBAN prevents all known techniques of hard disk forensic analysis. It does not provide users with a proof of erasure, such as an audit-ready erasure report."
From memory the consensus at ComputerBank many years ago was that if one's life was on the line and NSA wanted the info; dismantle the drive and dissolve the drive platters carefully in in a large quantity of molten aluminium.. Apparently the problem is that the magnetic domains which represent bits are analogue. So whilst the heads on the original drive can detect no magnetic domain; someone with a souped up head might be able to. Initially the method we used wrote zero's to all sectors but eventually to speed things up I think we ether used a generic LLformat utility and /or proprietary utilities from the respective drive manufacturers; probably via a self booting DOS floppy.
apologies to luv-main; Rohan McLeod
_______________________________________________ luv-main mailing list luv-main@luv.asn.au http://lists.luv.asn.au/listinfo/luv-main