Urgent security need!

[GameSnake]

In need of hard drive deletion. I am thinking I could overwrite the OS with a diskette trojan right? Any advice is helpfull.

[Sidoh]

In need of hard drive deletion. I am thinking I could overwrite the OS with a diskette trojan right? Any advice is helpfull.

... overwrite the OS with a diskette trojan?  Yeah, okay.

Deleting the OS (or even formatting the drive) won't destroy the data completely.  You'll want to get a drive scrubber, which overwrites data with garbage.  Install linux and use shred.

[iago]

Download DBAN.  Burn it to a CD.  Put the CD in your drive.  Reboot.  Follow the instructions.

Warning: will delete all data on the drive. 

When asked, 3 passes is sufficient. 

[GameSnake]

Thanks iago. DBAN fits on a diskette, Sidoh, and thats what I meant by "diskette trojan", the wording was probably not correct.

[iago]

Your wording was definitely wrong.  A trojan is a program that comes disguised as another program.

[Warrior]

Generally what happens when a drive is formatted? I'd think just reformatting and reinstalling an OS ontop of it should suffice..
*shrug* Maybe they just leave the garbage data left over from the last install there and rebuild the FS Tree.

[Eric]

x86] link=topic=5848.msg69322#msg69322 date=1147541995]
*shrug* Maybe they just leave the garbage data left over from the last install there and rebuild the FS Tree.

That's what happens during a "quick" format on Windows.  I believe the standard option fills the disk with random data, but I'm unsure.

On Linux, you'd simply have to run the shred program after creating the partition.

[Joe]

I don't think the standard option does that, because if it did, unformat couldn't work.

[iago]

x86] link=topic=5848.msg69322#msg69322 date=1147541995]
Generally what happens when a drive is formatted? I'd think just reformatting and reinstalling an OS ontop of it should suffice..
*shrug* Maybe they just leave the garbage data left over from the last install there and rebuild the FS Tree.

There's always slack space between files and stuff where bits and pieces of data can be recovered.  When a drive is formatted, it builds the filesystem structure, which doesn't overwrite every bit of data. 

Also, depending on the sensitivity of the data, a single over-write doesn't always suffice.  Overwritten data can be recovered with advanced technology.  Usually nothing to worry about, but like I said it depends on the sensitivity of the data.  The Canadian military (RCMP) recommend 3 overwrites for unclassified/secret data and for top-secret the drive has to be incinerated. 

That's what happens during a "quick" format on Windows.  I believe the standard option fills the disk with random data, but I'm unsure.

On Linux, you'd simply have to run the shred program after creating the partition.

I'm not positive, but I'm pretty sure a quick format and slow format write the same data to the drive, but a slow format also verifies the drive's integrity. 

'shred' isn't designed to shred a partition, just a file (although Linux treats everything as a file, so it's possible).  To shred a single partition you can just write random data to it (cat /dev/urandom > /dev/hda1).  Or to shred the whole disk you can pipe data straight to the disk (cat /dev/urandom > /dev/hda).  That's basically what DBAN does. 

[Newby]

'shred' isn't designed to shred a partition, just a file (although Linux treats everything as a file, so it's possible).

   You might use the following command to erase all trace of the
filesystem you'd created on the floppy disk in your first drive.  That
command takes about 20 minutes to erase a "1.44MB" (actually 1440 KiB)
floppy.

     shred --verbose /dev/fd0

   Similarly, to erase all data on a selected partition of your hard
disk, you could give a command like this:

     shred --verbose /dev/sda5

   An exit status of zero indicates success, and a nonzero value
indicates failure.

[iago]

'shred' isn't designed to shred a partition, just a file (although Linux treats everything as a file, so it's possible).

   You might use the following command to erase all trace of the
filesystem you'd created on the floppy disk in your first drive.  That
command takes about 20 minutes to erase a "1.44MB" (actually 1440 KiB)
floppy.

     shred --verbose /dev/fd0

   Similarly, to erase all data on a selected partition of your hard
disk, you could give a command like this:

     shred --verbose /dev/sda5

   An exit status of zero indicates success, and a nonzero value
indicates failure.

Like I said, it's not designed for that.  The evidence would be the way it says "you might want to try"

[MyndFyre]

I'm not positive, but I'm pretty sure a quick format and slow format write the same data to the drive, but a slow format also verifies the drive's integrity. 

That's correct.  A slow format is the equivalent of running a chkdsk -s scan for physical drive defects.

Format replaces the boot sector and MFT or FAT and root directory.  The quick version does *only* that.

[Ersan]

The Canadian military (RCMP) recommend 3 overwrites for unclassified/secret data and for top-secret the drive has to be incinerated. 

The U.S. Department of Defense (DoD 5220.22-M) requires 7 random data stream passes, keep on sucking Canada!

[Newby]

Seriously. 8)

[iago]

The Canadian military (RCMP) recommend 3 overwrites for unclassified/secret data and for top-secret the drive has to be incinerated. 

The U.S. Department of Defense (DoD 5220.22-M) requires 7 random data stream passes, keep on sucking Canada!

For what grade of data? 

There is no real difference between 2, 3, 5, 7, and 100 passes.  After the second one it is basically impossible to recover the data in any useable way.  The third one is just to be safe, but the last 4 are pretty useless.  For the time it takes to wipe a drive, waiting for 7 passes isn't an efficiant use of time. 

But like I said, for highest priority data (top secret), the drive has to be incinerated and recycled.