Re: Question on shredding a terebyte drive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




Dean S. Messing wrote:
Thanks to all for the replies.

I'll answer most of the comments here.

0) The disk is unmounted.

1) The drive is (was) a backup drive with a great deal of sensitive
   corporate laboratory research data and algorithms on it.  The
   monitary loss of the data being stolen would be significant though
   it's hard to put a $$ value on it.  More importantly, I'm following
   corporate policy.

This is the most problematic issue. Corporate policies that were
written when drive sectors were visible with a home microscope.
That said, I would go with the dd recommendations, 25 times.

Also, the -v option will slow the progress due to screen writes. I have seen this in the past.
And, if the drive is mounted as ext3, then the data may not get erased
as expected. See the man page on shred.
CAUTION:  Note that shred relies on a very important assumption:
       that the file system overwrites data in place.  This is the tra-
       ditional  way  to do things, but many modern file system designs
       do not satisfy this assumption.  The following are  examples  of
       file  systems on which shred is not effective, or is not guaran-
       teed to be effective in all file system modes: ...

Again, dd gets around this.

As for the comments on the "secure erase" features of drives. A quick google search came up with:
http://ata.wiki.kernel.org/index.php/ATA_Secure_Erase
Which shows how to use hdparm.

http://advosys.ca/viewpoints/2006/07/hard-drive-secure-erase/
Which is a very interesting article and this is really important.

We tried the secure erase utility on multiple old ATA drives and every one manufactured since 2000 supported the Security Erase command (the utility tells you if the drive does not). Drives older than 2000 don’t have the command so if you need to wipe very old drives, a software wipe is the best you can do.
Maybe run the secure erase 25 times.


--
Robin Laing

--
fedora-list mailing list
[email protected]
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux