[Rule] Data wiping boot disk

Liam Proven lproven at gmail.com
Fri Feb 9 05:23:30 EET 2007


On 09/02/07, C David Rigby <c.david.rigby at gmail.com> wrote:

> If a business really cares about not letting its data be dispersed into the
> environment, then it needs to be as sure as possible that the physical
> repository of that data, its hard disks, are not discarded with the data
> still available. Since it is a business, it needs to perform the task in the
> least expensive manner possible. Sadly for recycling, this means destroying
> the hardware.

Yup. Of course, the thing is that merely, saying, drilling holes in a
disk or smashing it with a big hammer will not stop the data being
recovered. In fact, it's relatively easy to get the data back from
something like that, whereas a secure erasure in software will leave
only such minute traces that about the only way to recover anything
would be for a human to inspect the disks with an electron microscope
- which is not remotely viable for a modern multi-hundred-gig drive.

> If you offer to securely erase disks as part of receiving a donation, and
> the data still gets out and is used for some sort of unpleasantness, you
> would probably be legally liable for damages. In the US & probably in
> Europe, at least, you can pretty much count on being sued.

Absolutely, so really, it must be up to the donator to do this.


 Still, for home users or others with less intense security needs, shred
> should be good enough. A bootable floppy may or may not have it (bootable
> floppy distros usually use busybox, and that does not seem to support shred
> functionality (per a quick scan of the busybox command list here:
> http://www.busybox.net/downloads/BusyBox.html). Shred is
> probably available on most of not all bootable CD distros as part of the
> fileutils package.

The snag being that something /shred/ or /srm/ won't work if you only
have read access to a filesystem from Linux - e.g. if you're looking
an an NTFS volume.

> I like the idea of a tool for this purpose. I do not have time to work on it
> myself (a new job in yet another country has absorbed my life once again).
> However, a bit of googling may well turn up a tool that will do the job and
> which is free/libre.

Google didn't, but Wikipedia did! :-) DBAN looks like just the thing.

Thanks for the comments!

-- 
Liam Proven  Blog, homepage &c: http://lproven.livejournal.com/profile
Email: lproven at cix.co.uk  GMail/Google Talk/Orkut: lproven at gmail.com
Tel: +44 20-8685-0498  Mob: +44 7939-087884  Fax: + 44 870-9151419
AOL/AIM/iChat: liamproven at aol.com  MSN/Messenger: lproven at hotmail.com
Yahoo: liamproven at yahoo.co.uk  Skype: liamproven  ICQ: 73187508




This full static mirror of the Run Up to Date Linux Everywhere Project mailing list, originally hosted at http://lists.hellug.gr/mailman/listinfo/rule-list, is kept online by Free Software popularizer, researcher and trainer Marco Fioretti. To know how you can support this archive, and Marco's work in general, please click here