(As always, please wrap your mail. Not all of us use GUI-based clients.
The part of the original email that has been quoted has been modified to
be wrapped so I don't have a fit trying to reply.)

> I am looking to draft a corporate policy requiring all hard drives to
> be wiped before being decommissioned, sold, donated, etc.
>

In general, this should be company policy for any corporation that has
sensitive data.

> The wipe utility must be able to make numerous (up to seven)
> uninterrupted passes and support a wide array of file systems (fat,
> ntfs, etc).
>
> Also, the software must support the ability to assign a particular hex
> character as the wipe character.
>

Why overcomplicate matters? Something like this would be easy enough to
write using assembly, although it could take eons to finish on those
newfangled 60 gig drives. ;)

Create one that runs only one pass but writes random bytes. Run it as
many times to taste. If you want to automate even that, just write a
loop inside the program. This eliminates:

* The need to support filesystems. Frankly, you're killing anything
  written on this disk anyway, so why not just blow away the file system
  while you're at it?

* The need to write fixed characters. Using fixed characters is not
  necessarily a good idea. There was some discussion some time back
  about restoring 'deleted' or even overwritten information on
  'cleansed' hard drives. If someone finds out that you run, say '0',
  then 'F', then '$', and then 'y' to cleanse drives, then they can cope
  with that and it makes the task of restoring some of the data easier.
  If you use random characters, there is no set pattern (1) that he can
  use to remove any 'cleansing'. If you overwrite the drive say three or
  four times with random characters, it drastically reduces the chance
  of data retrieval since each separate byte has a different overwrite
  signature.

(Footnote: (1) I should put random in quotes. Random numbers on
computers follow set patterns based on their seeds since the 'random'
numbers are generated through some sort of algorithm. However, these
algorithms can be so complex as to be effectively random.)

Another musing:

1. Take said drive. Hook it up to a *nix machine. (The following syntax
   is for Linux. Replace the device as appropriate for your dialect.
   Also, replace the 'X' as appropriate.)

2. dd if=/dev/urandom of=/dev/hdX

3. Repeat #2 to taste.

(I don't know off the top of my head whether or not the command for #2
is exactly correct or if some other tweaking needs to be done.)

Anyway, these would be my solutions. I see no reason in purchasing
software that does the same thing I could do for free.

(And now that you're here... If any of you ever go on vacation or some
such, please don't use autoresponders saying you're out of the office.
It annoys those of us who post. Thank you.)

--CAE

Kujikenaikara!
Sub caelo noctis sto quod stellae mihi spem dant.
"Just a whisper. I hear it in my ghost."
  --Major Motoko Kusanagi, "Ghost in the Shell"
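The "dd, repeat to taste" procedure from the message above, as an added example that is not part of the original post: each pass is bounded to the target's exact size, so dd exits 0 instead of stopping with "No space left on device", and a failed pass is reported. The names wipe_random and target_size are hypothetical; GNU coreutils and Linux blockdev are assumed, and the demonstration runs on a constructed scratch image.

```shell
#!/bin/sh
# Added example: multi-pass random overwrite of a whole device or image file.
# wipe_random and target_size are hypothetical helper names.

# Print the size in bytes of a block device or a regular file.
target_size() {
    if [ -b "$1" ]; then
        blockdev --getsize64 "$1"      # Linux (util-linux)
    else
        wc -c < "$1" | tr -d ' '
    fi
}

# wipe_random TARGET [PASSES]: overwrite every byte of TARGET with
# /dev/urandom output, PASSES times (default 3). No filesystem support is
# needed because the raw target is overwritten from first byte to last.
wipe_random() {
    target=$1
    passes=${2:-3}
    [ -w "$target" ] || { echo "cannot write $target" >&2; return 1; }
    size=$(target_size "$target") || return 1
    [ "$size" -gt 0 ] || { echo "$target is empty" >&2; return 1; }
    pass=1
    while [ "$pass" -le "$passes" ]; do
        # head bounds the stream to the target's size, so dd's exit status
        # is meaningful. conv=notrunc keeps an image file at its length;
        # conv=fsync flushes the data before dd reports success.
        head -c "$size" /dev/urandom |
            dd of="$target" bs=1M iflag=fullblock conv=notrunc,fsync status=none ||
            { echo "pass $pass failed on $target" >&2; return 1; }
        pass=$((pass + 1))
    done
    echo "$passes passes of $size bytes written to $target"
}

# Demonstration on a constructed scratch image, never on a real disk.
img=$(mktemp)
i=0
while [ "$i" -lt 2000 ]; do echo "SECRET-CUSTOMER-RECORD $i"; i=$((i + 1)); done > "$img"
wipe_random "$img" 3
grep -ac "SECRET-CUSTOMER-RECORD" "$img" || true   # surviving records
rm -f "$img"
```

For a real drive, pass the whole-disk device node rather than a partition, and confirm the node with the drive's reported size before running.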
This archive was generated by hypermail 2b30 : Thu Jun 21 2001 - 12:07:17 PDT