Re: Question on shredding a terebyte drive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Dean S. Messing wrote:

Thanks to all for the replies.

I'll answer most of the comments here.

0) The disk is unmounted.

1) The drive is (was) a backup drive with a great deal of sensitive
   corporate laboratory research data and algorithms on it.  The
   monitary loss of the data being stolen would be significant though
   it's hard to put a $$ value on it.  More importantly, I'm following
   corporate policy.
This is the most problematic issue. Corporate policies that were written when drive sectors were visible with a home microscope. 

That said, I would go with the dd recommendations, 25 times.
Also, the -v option will slow the progress due to screen writes. I have seen this in the past.
And, if the drive is mounted as ext3, then the data may not get erased as expected. See the man page on shred. 

CAUTION:  Note that shred relies on a very important assumption:
       that the file system overwrites data in place.  This is the tra-
       ditional  way  to do things, but many modern file system designs
       do not satisfy this assumption.  The following are  examples  of
       file  systems on which shred is not effective, or is not guaran-
       teed to be effective in all file system modes: ...

Again, dd gets around this.
As for the comments on the "secure erase" features of drives. A quick google search came up with: 

http://ata.wiki.kernel.org/index.php/ATA_Secure_Erase
Which shows how to use hdparm.

http://advosys.ca/viewpoints/2006/07/hard-drive-secure-erase/
Which is a very interesting article and this is really important.
We tried the secure erase utility on multiple old ATA drives and every one manufactured since 2000 supported the Security Erase command (the utility tells you if the drive does not). Drives older than 2000 don’t have the command so if you need to wipe very old drives, a software wipe is the best you can do. 

Maybe run the secure erase 25 times.


--
Robin Laing

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux