Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
RE: [suse-security] Securely wiping external usb hard drive
From: Baenen Eric P Contr AFRL/HEC (Eric.Baenenwpafb.af.mil)
Date: Tue Apr 26 2005 - 08:31:56 CDT
There is nothing particularly sensitive on the drive - unless you count the annual personnel reviews of my team - other than that it's just apt/rpm/deb archives and install disk iso's for several Linux distros in use here. However the US military does require secure wiping of all hard drives before transfer, turn in, etc... just in case. You never know what someone might find useful or interesting... the term used is OPSEC (Operations Security).
Windoze programs like bcwipe and eraser (http://www.dirfile.com/eraser.htm) can do the job to military specs - I was just hoping to find a SUSE based solution so I don't have to track down a windoze system I can use for a while.
I'm not sure if it's the drive or the laptop but so far "dd if=/dev/urandom of=/dev/sda" has been running for about 8 hours - first pass. I may just have to fall back to a windoze solution - bcwipe only takes a few hours to make 7 passes of varying patterns.
This was somewhat of an evaluation/experiment - I don't think we'll be using this make/model of external drive any more.
Program Manager - Scientific Network Environments
General Dynamics - Advanced Information Systems
2255 H Street (AFRL/HEC)
Area B Bldg 248 Rm 108
Wright Patterson AFB, OH 45433
From: Mike Tierney [mailto:miketmarketview.co.nz]
Sent: Monday, April 25, 2005 5:35 PM
To: 'Baenen Eric P Contr AFRL/HEC'; 'Suse-Security List (E-mail)'
Subject: RE: [suse-security] Securely wiping external usb hard drive
Given that you work for the Military, I'd recommend that you have a talk to
your local IT people about what they recommend. No doubt they'd have quite
stringent rules and regulations for disposing of storage devices that held
sensitive information. That's if you are using this drive to transfer
information between work and home! In which case I'd hope it was all
encrypted as well!
However if it's just your own personal hard-drive (that's never held
sensitive Air Force information) then running "dd i=/dev/urandom o=/dev/sda"
a few times would probably do it.
Having said that, I read once that hi-tech hardware data recovery devices
can still retrieve "old" information from a hard-drive from its lingering
magnetic imprint even AFTER its been wiped over with new data. But those
devices are probably only routinely employed by foreign governments,
competitors engaging in industrial esponiage and of course data retrievel
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-helpsuse.com
Security-related bug reports go to securitysuse.de, not here