The simplest method I know is to put aside a spare Win 95 machine for this purpose. You would install the drive to be wiped as a slave, format it under Win 95, and then write the whole drive space. There are tools in things like Norton which will overwrite drive space, or very simple custom programme could be written to do this. There is no need to take account of the original OS unless special boot loaders &c. have modified the boot sector. There are tools which will rebuild this if they have, provided you think it matters. The contents of the boot sector only identify what OS was in use. They don't hold any privileged information about the user or the user's data. There is also really not much need to overwrite multiple times, as, although it is theoretically possible to read previous overwritten data, the effort involved in recovering *useful* data is probably prohibitive due to the size of modern disks and the complex way data are generally distributed on the platter. A paranoid person might write "random" data three times, but more than that is probably pathological! By the way (if you *are* paranoid), overwriting with a fixed character actually makes hypothetical recovery *easier*, as you are just shifting the signal base level consistently across the board. Checkerboard patterns &c. (in fact anything *predictable*) suffer from the same problem. It is necessary to distinguish between a real problem and an imaginary one, and also between a sense of confidence and real security. I believe formatting and overwriting with random characters once is perfectly adequate. The bill for open-platter residual data reads can be six- figures plus. Is anyone really going to bother? Michael D. Barwise, BSc, IEng, MIIE Computer Security Awareness tel +44 (0)1442 266534 http://www.ComputerSecurityAwareness.com Addressing the Human Equation in Information Security
This archive was generated by hypermail 2b30 : Thu Jun 21 2001 - 13:22:45 PDT