There have been many recommendations made regarding wipe utilities and secure deletion. Being that this is a field of expertise for me (currently putting together a utility myself, you'll see it on SourceForge soon) I thought I would toss in a couple comments. If you are simply looking to remove data and mke it so that amateur software based attacks cannot retrieve the data the *IX command: dd if=/dev/{u,r}andom of=/dev/driveletter bs=1k a couple times (three, preferably a bs=1 and then a bs=512k in there) and then following it with a dd if=/dev/zero, etc. will be adequate. However, if you are looking for your data to be removed to securely, I highly recommend (and am surprised that on this list no one brought it up) that you read, study, and take to heart Peter Gutmann's paper "Secure Deletion of Data from Magnetic and Solid-State Memory"[1]. There are a couple utilities out there which utilize his algorithm, I believe "Overwrite"[2] can assist, as can "Wipe"[2]. If you find that Peter Gutmann's algorithm takes too long and are looking to go the "Government Standard" method, there is always the DoD standard 5220.22-M [3], Air Force Intelligence, AFI31-401 [3], the Army's AR380-19 [3] and Navy's NAVSO P5239-10 [3] which has a very complete overview of wiping utilities. BCWipe has been known to have a good implementation of the DoD's 5220.22-M algorithm [2]. FYI -- There are several different classifications of removal of information in DoD terms; Clear and Sanitize when it comes to magnetic media. You are most likely looking for Clearing, and not Sanitizing, in which any of the above utilities would do your job. Of course, there is always Destroy[5] which is the Marine's favorite. If you care to take it a step further, there is an even quicker method by which you can remove your data in a very secure manner which is also outlined in each of the above named DoD documents. Degaussing. If you need something Sanitized, which in short means it would take a laboratory equipped with an tool capable of take MRI scans to recover the data, Degaussing is your choice. There are several different types of Degausser's[4] available. For Non-Removable Rigid Disk's (hard drives), you can safely use a Type- II (a.k.a. Class II DOD Approved, DoD 5200.28M, Spec L144A) Degausser [6] which is defined as meeting the Extended Range requirements to erase to -90 dB S-VHS format media having coercivity of 900 oersted. Granted a bit pricy, but it does the job. However, for most of your daily use, you could cut a couple corners, knock ten-thousand dollars off of the cost of your degausser because it's NATO approved, not DoD - even though it does meet the standards, and go with a NATO Approved Degausser. which is very capable of doing the job. [6] [1] Secure Deletion of Data from Magnetic and Solid-State Memory Peter Gutmann, Department of Computer Science, University of Auckland http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html [2] Overwrite - http://www.kyuzz.org/antirez/overwrite/ http://freshmeat.net/redir/overwrite/7530/url_homepage/ Wipe - http://wipe.sourceforge.net/ BCWipe - http://www.jetico.com/ Quick explanation of the DoD 5220.22-M algorithm (verbatim): Overwrite all addressable locations with a character, its complement, then a random character and verify. [3] DoD 5220.22-M http://www.dss.mil/isec/nispom.htm http://web7.whs.osd.mil/corres.htm Army AR380-19 http://www.usapa.army.mil/gils/epubs5.html Navy NAVSO P5239-10 http://neds.nebt.daps.mil/ http://www.fma.hq.navy.mil/FMA/Publications/NAVSO%20Publications/P5239-10.pdf [5] Notice that there is not a Marine recommendation for removal of data? That's because the media is used for target practice! DoD Definition of Destroy: Destroy - Disintegrate, incinerate, pulverize, shred, or smelt. [6] DataDev V88 http://www.datadev.com/v88.html DataDev V91 http://www.datadev.com/v91m.html -A. Smith Free, encrypted, secure Web-based email at www.hushmail.com IMPORTANT NOTICE: If you are not using HushMail, this message could have been read easily by the many people who have access to your open personal email messages. Get your FREE, totally secure email address at http://www.hushmail.com.
This archive was generated by hypermail 2b30 : Fri Jun 22 2001 - 14:37:36 PDT