On 2/8/2016 2:18 PM, m.roth@xxxxxxxxx wrote:
dban doesn't? What F/OSS does "secure erase"? And does it do what dban's
DoD 5220.22-M does?
do you even know what NISP Operating Manual 5220.22-M is? One thing it
does NOT have is ANY specifications of methods of data erasure (it
mentions data erasure in 2 short paragraphs, out of a 140 page book on
security).
The Defense Security Service C&S-M (clearing and sanitization matrix)
procedures state that magnetic disks will be degaussed or physically
destroyed.
http://www.oregon.gov/DAS/OP/docs/policy/state/107-009-005_Exhibit_B.pdf
note that degaussing a hard drive made since the early 80s will erase
its servo tracks and render it scrap.
there is no such thing as secure erasure. the whole silly 3 passes of
random data followed by zeroing thing has been debunked numerous
times. It MIGHT have worked in the days of MFM disks, when block
sparing was an OS function, and the drives just provided a stream of 1s
and 0s without recognizing 'sectors' (sectoring was done in the MFM disk
controller board). With any modern storage device writing a single
pass of zeros will do virtually the same thing, and is adequate to
remove casual data but by no means good enough for any sort of
government mandated security.
--
john r pierce, recycling bits in santa cruz
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
