Howto: Cleaning /Wipping Hard Disk/Files

Share your own howto's etc. Not for support questions!

Re: Howto: Cleaning /Wipping Hard Disk/Files

Postby wizard10000 » 2017-01-18 00:37

dasein wrote:Edit: For the benefit of those too farqing lazy to search for it: viewtopic.php?f=10&t=82461&start=15#p446550


All respect to you, but read it a couple years ago and dismissed it.

Why? Glad you asked :mrgreen:

1. It's ten years old.

2. It's unclassified.

I have no direct knowledge that the information in that NIST doc is incorrect but considering the rate of technological advance in the private sector it wouldn't surprise me at all to learn that the gummint has learned a few new tricks since then.
we see things not as they are, but as we are.
-- anais nin
User avatar
wizard10000
 
Posts: 1194
Joined: 2011-05-09 20:02
Location: midwestern us

Re: Howto: Cleaning /Wipping Hard Disk/Files

Postby cpoakes » 2017-01-18 00:56

Most HD and SSD units of recent vintage come with an ATA secure erase feature to wipe the entire device. Secure erase is provided by hdparm:

Code: Select all
hdparm --security-erase NULL /dev/sdX

If not already obvious, you'll need root permissions. Substitute your password for "NULL" (if you have configured the drive with a hardware password) and your actual device for "/dev/sdX".

This is considered the most more secure form of erasure on SSD units as it also erases the unaddressable blocks used in over-provisioning that may still contain recoverable data. Some research (2011) indicates that some SSDs fail to erase data with the ATA command, but given the concerns of business users depending on such capabilities I trust the assurances of the reliable manufacturers since this time.

Furthermore, newer drives simply encrypt every block (the controller is faster than the memory) and change the key to make the data unusable. This explains why secure erase can appear instantaneous on some SSDs.
User avatar
cpoakes
 
Posts: 94
Joined: 2015-03-29 04:54

Re: Howto: Cleaning /Wipping Hard Disk/Files

Postby pylkko » 2017-01-18 05:26

It might require setting the ssd password. At least it did when I last did it. If the data is only encrypted, then it sound like that such a "secure erase" will render the data unusable for normal users but not governments.
User avatar
pylkko
 
Posts: 1110
Joined: 2014-11-06 19:02

Re: Howto: Cleaning /Wipping Hard Disk/Files

Postby Head_on_a_Stick » 2017-01-18 07:11

This also works and does not pose the risk of a locked drive if an error is made during the password phase:
Code: Select all
# blkdiscard /dev/sdX

EDIT: SSDs only ofc :)
"Are you quite sure that all those bells and whistles, all those wonderful facilities of your so called powerful programming languages, belong to the solution set rather than the problem set?" — Edsger W. Dijkstra
User avatar
Head_on_a_Stick
 
Posts: 6585
Joined: 2014-06-01 17:46
Location: /dev/chair

Re: Howto: Cleaning /Wipping Hard Disk/Files

Postby cpoakes » 2017-01-18 15:34

pylkko wrote:It might require setting the ssd password. At least it did when I last did it. If the data is only encrypted, then it sound like that such a "secure erase" will render the data unusable for normal users but not governments.


Yes, I have dealt with one SSD that required me to set a password before it could be erased - kinda counterintuitive, and another that did not.

My Samsung drives use AES256 which I don't believe any government can crack... yet. And as with all encryption, it will be crackable *someday* - not before your credit card information expires, but possibly before the statute of limitations on capital crimes or your company's proprietary information loses all value.
User avatar
cpoakes
 
Posts: 94
Joined: 2015-03-29 04:54

Re: Howto: Cleaning /Wipping Hard Disk/Files

Postby RU55EL » 2017-01-18 16:54

dasein wrote:
Hallvor wrote:I just smash old hard drives with a sledge hammer. :D

Ironically enough, zero-fill is much more secure, unless one shreds the platters into dust.

(Just sayin')


If I've got an old obsolete drive that I want unreadable, I write across the disk a couple times with DD, then use a sledge hammer.

The one time that I wanted the data erased without question, I disassembled the drive and slagged the platters with a oxy/acetylene torch.

A little off topic...

Hard drive platters are fun to shoot with a pellet gun!
User avatar
RU55EL
 
Posts: 285
Joined: 2014-04-07 03:42
Location: /home/russel

Re: Howto: Cleaning /Wipping Hard Disk/Files

Postby pylkko » 2017-01-18 18:22

cpoakes wrote:
pylkko wrote:If the data is only encrypted, then it sound like that such a "secure erase" will render the data unusable for normal users but not governments.


My Samsung drives use AES256 which I don't believe any government can crack...
Fine. But don't you have any reservations about presuming that cracking the encryption is a requirement in this scenario?
User avatar
pylkko
 
Posts: 1110
Joined: 2014-11-06 19:02

Re: Howto: Cleaning /Wipping Hard Disk/Files

Postby cpoakes » 2017-01-18 18:46

^Point taken. But I'm concerned about new users when I resell/redistribute old drives, not government agencies using encryption/manufacturer backdoors to snoop on my used equipment. If my acivities generate government interest, I think they are more likely to get a warrant and sieze my equipment, or seize my equipment at a border crossing than wait for me to post it for sale on craigslist.
User avatar
cpoakes
 
Posts: 94
Joined: 2015-03-29 04:54

Re: Howto: Cleaning /Wipping Hard Disk/Files

Postby pylkko » 2017-01-18 19:58

the command that you posted varied slightly from the one I posted a few posts earlier in this thread and I was wondering why. I searched a bit and found nothing fully explanatory. But this:
If your drive supports enhanced erase, you may want to substitute security-erase-enhanced for security-erase. The difference, according to the HDDerase.exe FAQ:
Secure erase overwrites all user data areas with binary zeroes. Enhanced secure erase writes predetermined data patterns (set by the manufacturer) to all user data areas, including sectors that are no longer in use due to reallocation.
User avatar
pylkko
 
Posts: 1110
Joined: 2014-11-06 19:02

Re: Howto: Cleaning /Wipping Hard Disk/Files

Postby bester69 » 2017-01-19 11:03

pylkko wrote:Ok, so what about:
Code: Select all
hdparm --user-master u --security-erase-enhanced password /dev/device name

Will resetting the cells of an SSD leave anything that can be recovered?

hdparam, messed all my computer, i lost my table partiton and i couldnt recover my windows installation, i also lost a virtual XP installation :x ,
please, dont post dangerous linux virus. (hehe, i was sure there wasn't virus for linux, obviously i was pretty wrong :( )

At least, you should warn people about the dangerousing of this command line.. i think. :(

hopefully i could use testdisk and my skills to be able to recover my linux installation and other NTFS partitions, It wasn't easy at all, i had to apply some tricks of my own cos table partition become a really disaster. 8)
User avatar
bester69
 
Posts: 909
Joined: 2015-04-02 13:15

Re: Howto: Cleaning /Wipping Hard Disk/Files

Postby wizard10000 » 2017-01-19 11:30

bester69 wrote:At least, you should warn people about the dangerousing of this command line.. i think. :(


No disrespect, bester- but there's a really good reason you shouldn't run things as root unless you understand what impact it will have.

You're probably not gonna be able to recover data off that drive; a security erase is *designed* to make the data unrecoverable.

Measure twice, cut once :)
we see things not as they are, but as we are.
-- anais nin
User avatar
wizard10000
 
Posts: 1194
Joined: 2011-05-09 20:02
Location: midwestern us

Re: Howto: Cleaning /Wipping Hard Disk/Files

Postby bester69 » 2017-01-19 11:39

wizard10000 wrote:
bester69 wrote:At least, you should warn people about the dangerousing of this command line.. i think. :(


No disrespect, bester- but there's a really good reason you shouldn't run things as root unless you understand what impact it will have.

You're probably not gonna be able to recover data off that drive; a security erase is *designed* to make the data unrecoverable.

Measure twice, cut once :)


I used swap partition just in case to see what happend, and then it came into swappening, i got terrified and shut down inmediattly my computer, then it all was gone :shock:
User avatar
bester69
 
Posts: 909
Joined: 2015-04-02 13:15

Re: Howto: Cleaning /Wipping Hard Disk/Files

Postby wizard10000 » 2017-01-19 11:45

bester69 wrote:I used swap partition just in case to see what happend, and then it came into swappening, i got terrified and shut down inmediattly my computer, then it all was gone :shock:


hdparm doesn't do partitions - it talks to the block device. Sorry you had to learn that the hard way :(
we see things not as they are, but as we are.
-- anais nin
User avatar
wizard10000
 
Posts: 1194
Joined: 2011-05-09 20:02
Location: midwestern us

Re: Howto: Cleaning /Wipping Hard Disk/Files

Postby dasein » 2017-01-19 11:59

wizard10000 wrote:
dasein wrote:Edit: For the benefit of those too farqing lazy to search for it: viewtopic.php?f=10&t=82461&start=15#p446550


All respect to you, but read it a couple years ago and dismissed it.

Why? Glad you asked :mrgreen:

1. It's ten years old.

2. It's unclassified.

Yeah, and the Principia hasn't been updated in over 300 years, so I guess force no longer equals mass x acceleration. :roll:

wizard10000 wrote:I have no direct knowledge that the information in that NIST doc is incorrect but...

But ungrounded, baseless speculation is simply too shiny to resist.
User avatar
dasein
 
Posts: 7775
Joined: 2011-03-04 01:06
Location: Terra Incantationum

Re: Howto: Cleaning /Wipping Hard Disk/Files

Postby wizard10000 » 2017-01-19 12:06

dasein wrote:But ungrounded, baseless speculation is simply too shiny to resist.


:D

It's not baseless speculation, the technology is already proven. It's reasonable to expect that if the technology is still relevant that it's been improved in the past ten years.

Your turn :P

edit: Not particularly relevant but the NSA's electronic tools catalog is classified - I saw a copy of it a couple years back and it was pretty damned shiny :)

Nothing in there about reading local hard drives that I'd like to share, but this catalog was tools you could buy, not tools that had to be run in a lab.
we see things not as they are, but as we are.
-- anais nin
User avatar
wizard10000
 
Posts: 1194
Joined: 2011-05-09 20:02
Location: midwestern us

Previous

Return to Docs, Howtos, Tips & Tricks

Who is online

Users browsing this forum: No registered users and 2 guests

fashionable