Bruno Wolff III wrote:
On Wed, Sep 02, 2009 at 13:32:32 -0700,
"Dean S. Messing" <deanm@xxxxxxxxxxxxx> wrote:
I have a terebyte sata drive that I need to securely wipe clean. It
How securely? (I.e. what order of magnitude is the budget an adversary is
assumed to have?)
The drive is capable of about 60MB/sec, but shred is only "shredding"
about 25MB every 5 seconds according to its output. Since the default
number of passes is 25, this works out to about 5 days.
For many definitions of secure, one pass writing zeros will make the cost
of recovering any data beyond the benefit to your assumed adversaries.
Your biggest risk is probably going to be that you thought you overwrote
the disk but made a mistake and didn't (or only partially did).
Note that in most cases where the adversary is assumed to be able to afford
to try to recover spare blocks or use electron microscopes to try to figure
out what may have been written previously, you should be physically destroying
the drive (after wiping) rather than save a few bucks repurposing or selling
it.
That's just it. What is "secure"? It's a rather nebulous term and
depends on your level of paranoia rather than a fixed definition.
Unless you physically destroy the drive in a manner where it cannot
possibly be reassembled (e.g. sanding the oxide off the platters into
dust and ensuring the dust spreads to the four corners of the world),
then there is a possibility that some data can be recovered.
We do an 8-pass shred on all drives that may have seen sensitive data.
Yes, someone with the resources of the NSA could probably recover the
data at that point, but there are very few groups with that kind of
firepower available to them and would they even bother?
To make everyone happy, though, we then give them to a certified company
which puts the drives through a giant degaussing coil (appropriated from
an old MRI scanner) before they're physically ground up by a big
shredder that also eats cars for a living. The remnants get mingled
with the chunks of countless Chevy Cavaliers, Ford Pintos and Chrysler
K-cars and probably end up as part of someone's refrigerator. It's
overkill in my opinion, but I've been wrong before.
----------------------------------------------------------------------
- Rick Stevens, Systems Engineer ricks@xxxxxxxx -
- AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 -
- -
- Never eat anything larger than your head -
----------------------------------------------------------------------
--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines