Re: wipe utilities

From: auto222418at_private
Date: Thu Jun 21 2001 - 14:18:46 PDT


    There have been many recommendations made regarding wipe utilities and secure 
    deletion.  Being that this is a field of expertise for me (currently putting 
    together a utility myself, you'll see it on SourceForge soon) I thought 
    I would toss in a couple comments.
    
    If you are simply looking to remove data and make it so that amateur software 
    based attacks cannot retrieve the data the *IX command: dd if=/dev/{u,r}andom 
    of=/dev/driveletter bs=1k a couple times (three, preferably a bs=1 and then 
    a bs=512k  in there) and then following it with a dd if=/dev/zero, etc. 
    will be adequate.
    
    However, if you are looking for your data to be removed securely, I highly 
    recommend (and am surprised that on this list no one brought it up) that 
    you read, study, and take to heart Peter Gutmann's paper "Secure Deletion 
    of Data from Magnetic and Solid-State Memory"[1].  There are a couple utilities 
    out there which utilize his algorithm, I believe "Overwrite"[2] can assist, 
    as can "Wipe"[2].  If you find that Peter Gutmann's algorithm takes too 
    long and are looking to go the "Government Standard" method, there is always 
    the DoD standard 5220.22-M [3], Air Force Intelligence, AFI31-401 [3], the 
    Army's AR380-19 [3] and Navy's NAVSO P5239-10 [3] which has a very complete 
    overview of wiping utilities.  BCWipe has been known to have a good implementation 
    of the DoD's 5220.22-M algorithm [2].  FYI -- There are several different 
    classifications of removal of information in DoD terms; Clear and Sanitize 
    when it comes to magnetic media.  You are most likely looking for Clearing, 
    and not Sanitizing, in which any of the above utilities would do your job. 
    Of course, there is always Destroy[5] which is the Marines' favorite.
    
    If you care to take it a step further, there is an even quicker method by 
    which you can remove your data in a very secure manner which is also outlined 
    in each of the above named DoD documents.  Degaussing.  If you need something 
    Sanitized, which in short means it would take a laboratory equipped with 
    a tool capable of taking MRI scans to recover the data, Degaussing is your 
    choice.  There are several different types of Degaussers[4] available. 
    For Non-Removable Rigid Disks (hard drives), you can safely use a Type-II 
    (a.k.a. Class II DOD Approved, DoD 5200.28M, Spec L144A) Degausser [6] 
    which is defined as meeting the Extended Range requirements to erase to 
    -90 dB S-VHS format media having coercivity of 900 oersted.  Granted a bit 
    pricy, but it does the job.  However, for most of your daily use, you could 
    cut a couple corners, knock ten-thousand dollars off of the cost of your 
    degausser because it's NATO approved, not DoD - even though it does meet 
    the standards, and go with a NATO Approved Degausser, which is very capable 
    of doing the job. [6]
    
    [1]
    Secure Deletion of Data from Magnetic and Solid-State Memory
    Peter Gutmann, Department of Computer Science, University of Auckland
    http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html
    
    [2]
    Overwrite -
    http://www.kyuzz.org/antirez/overwrite/
    http://freshmeat.net/redir/overwrite/7530/url_homepage/
    
    Wipe - 
    http://wipe.sourceforge.net/
    
    BCWipe -
    http://www.jetico.com/
    
    Quick explanation of the DoD 5220.22-M algorithm (verbatim):
    	Overwrite all addressable locations with a character, its complement, then 
    a random character and verify.
    
    [3]
    DoD 5220.22-M
    http://www.dss.mil/isec/nispom.htm
    http://web7.whs.osd.mil/corres.htm
    
    Army AR380-19
    http://www.usapa.army.mil/gils/epubs5.html
    
    Navy NAVSO P5239-10
    http://neds.nebt.daps.mil/
    http://www.fma.hq.navy.mil/FMA/Publications/NAVSO%20Publications/P5239-10.pdf
    
    [5]
    Notice that there is not a Marine recommendation for removal of data?  That's 
    because the media is used for target practice!  
    DoD Definition of Destroy:
    	Destroy - Disintegrate, incinerate, pulverize, shred, or smelt.
    
    [6]
    DataDev V88
    http://www.datadev.com/v88.html
    
    DataDev V91
    http://www.datadev.com/v91m.html
    
    -A. Smith
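
The three-pass scheme quoted under [2] above (a character, its complement, then a random character, and verify), as an added example that is not part of the original message and not taken from any of the listed tools. The 0x55 character, the chunk size, the function names, and the scratch file it runs against are assumptions made for illustration.

```python
import hashlib
import os
import tempfile

CHUNK = 64 * 1024  # bytes per write; an arbitrary choice for this example

def overwrite_pass(fd, size, source):
    """Fill bytes [0, size) from source(n), flush, then verify by read-back."""
    written, readback = hashlib.sha256(), hashlib.sha256()
    os.lseek(fd, 0, os.SEEK_SET)
    remaining = size
    while remaining:
        block = source(min(CHUNK, remaining))
        view = memoryview(block)
        while view:                      # os.write may write less than asked
            view = view[os.write(fd, view):]
        written.update(block)
        remaining -= len(block)
    os.fsync(fd)                         # flush dirty pages to the device
    # Caveat: this read may be served from cache, not the medium (see O_DIRECT).
    os.lseek(fd, 0, os.SEEK_SET)
    for block in iter(lambda: os.read(fd, CHUNK), b""):
        readback.update(block)
    return written.digest() == readback.digest()

def three_pass_clear(path, char=0x55):
    """Character, its complement, then random data; each pass verified."""
    fd = os.open(path, os.O_RDWR)
    try:
        size = os.lseek(fd, 0, os.SEEK_END)   # works for files and block devices
        passes = [("character", lambda n: bytes([char]) * n),
                  ("complement", lambda n: bytes([char ^ 0xFF]) * n),
                  ("random", os.urandom)]
        return [(name, overwrite_pass(fd, size, src)) for name, src in passes]
    finally:
        os.close(fd)

def demo():
    """Run the three passes over a constructed scratch file, never a real disk."""
    sample = b"CONSTRUCTED-SAMPLE-SECRET " * 4096
    with tempfile.NamedTemporaryFile(delete=False) as f:
        f.write(sample)
    try:
        results = three_pass_clear(f.name)
        with open(f.name, "rb") as g:
            left = g.read()
        return results, len(left) == len(sample), b"SECRET" in left
    finally:
        os.unlink(f.name)
```

Overwriting a file in place through a filesystem does not reach copies held in journals or snapshots, or sectors the drive has remapped, which is why the utilities in the message are pointed at the raw device.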
    



    This archive was generated by hypermail 2b30 : Fri Jun 22 2001 - 14:37:36 PDT