[NBLUG/talk] OT: Bulk erasure

Eric Eisenhart eric at nblug.org
Wed Apr 2 17:26:02 PST 2003


On Wed, Apr 02, 2003 at 04:52:03PM -0800, Sebastian wrote:
> By erase, I mean that I don't wish the data to be recoverable without
> spending  a lot of time, possibly a lot of money to get at it. So
> fdisk/format is out, but the expensive and time-consuming commercial
> software is unnatractive and possibly overkill.

Define "a lot of money".  Specifically, is "a lot of money" more or less
than $10,000?

> I'm trying DBAN <http://dban.sourceforge.net/> on some, but it takes a
> very long time per disk, and can't help with the tapes.
> 
> How big of a magnet do I need to mess up the tapes really well? Like a car
> speaker magnet? Will that technique also work on hard disks?

At least with hard drives there 2 directly related problems:
1) When you, say, change a bit from 0-1 it doesn't go from -100% to +100%, it
   goes to +90% (and rewriting a 1 to a new 1 goes from 100% to 110%).  Then
   rewriting that back to a 0 leaves you at -101%...  I'm, of course,
   totally making up the specific numbers, but with expensive equipment it's
   possible to determine what was written before, back several generations.
2) When you write an all-0 byte, you don't write "00000000" to the hard
   drive; you write something more like "0001000010".  (I don't recall the
   typical patterns, and there's some variety)  This is done because an
   overly long string of 1s or 0s can be miscounted.  The effect when it
   comes to data recovery is that there's a built in checksum for every
   byte.

Look for "BCWipe" on freshmeat.net; if you're doing a software-only solution
you need to write many different patterns to force those checksum bits to
get changed, too.  A few random ones tossed in, additionally, are good. 
(but just random will tend not to be good enough; you need something that
targets the run-length encoding in use)

DBAN is probably similar; if you're erasing a hard drive with software,
you'll need to wait a while for it to rewrite every bit on the drive 4-100
times.

If you can borrow a bulk eraser, that would be better than a simple magnet. 
Those alternate back and forth and give you much better erasure.  Just a
really big strong magnet will leave the original pattern intact (simply
offset a given amount in one direction) enough that expensive analysis
equipment can figure out what was originally there.

Not that running them through whatever magnetic field you can get will hurt
the erasure process any...
-- 
Eric Eisenhart
NBLUG Co-Founder & Vice-President Pro Tempore
The North Bay Linux Users Group
http://nblug.org/
eric at nblug.org, IRC: Freiheit at freenode, AIM: falschfreiheit, ICQ: 48217244



More information about the talk mailing list