Re: Data destruction

[Wade Chandler <wchandler redesetgrow com>]

Elmer E. Dow wrote:
> Greetings:
>
> This post is not RH specific, but given the experience level of the list 
> participants, it seems like the likely place to seek input on this subject. 
> If there's a more appropiate place to post, please let me know.
>
> I'm researching available data destruction programs that I could use for 
> getting rid of an organization's financial info, etc. before 
> donating/disposing/reusing an old computer. Have any of you used the 
> following programs? Good or bad experience? Any words of advice?
>
> Darik's Boot & Nuke (http://dban.sourceforge.net/) can be installed on a 
> diskette or CD. It appears to be a one-function live distro for the paranoid. 
> Just stick it in the drive and hit enter and it'll overwrite everything. The 
> caution to clearly label the disk seems justified.
>
> Secure Delete (http://freshmeat.net/projects/securedelete/?topic_id=43) is a 
> bit more versatile: "Secure Delete is a set of three utilities to perform the 
> following: secure deletion of files, secure overwriting of the unused 
> diskspace on the harddisk, and secure overwriting and cleaning of the swap 
> filesystem." 
>
> I also found a program called Wipe (http://wipe.sourceforge.net/). It's the 
> one that's commonly included on live forensic or security distros (see 
> http://www.frozentech.com/content/livecd.php). However, the site states 
> "There are some low level issues that must be taken into consideration. One 
> of these is that there must be some sort of write barrier between passes. 
> Wipe uses fdatasync(2) (or fsync(2)) as a write barrier, or if fsync(2) isn't 
> available, the file is opened with the O_DSYNC or O_SYNC flag. For wipe to be 
> effective, each pass must be completely written. To ensure this, the drive 
> must support some form of a write barrier, write cache flush, or write cache 
> disabling."
>
> Can someone with more knowledge than I tell this greenhorn just what the above 
> paragraph means and how one could be sure that the machine would do this? If 
> it needs fsync, then shouldn't it simply be run from a live distro that could 
> provide that? Am I correct in assuming that each of these programs would wipe 
> all partitions of a disk regardless of the file system used (ext. 2, ext. 3, 
> FAT32, NTFS, etc.)?
>
> Elmer

dban seems like a quick, easy, and real solution.  I mean.  All you need 
to do is write all bytes with some other bytes.  If it isn't trying to 
access the file system, but instead is overwriting the bytes on your 
drive then you are good to go.  You can also probably use something like 
dd I'm sure as it has the ability to initialize the bytes to a value. 
You could simply create a huge swap partition and overwrite every byte 
in the swap with a value of 0.

Wade