On Sun, Mar 14, 2010 at 12:02 PM, Mark Lord <kernel@xxxxxxxxxxxx> wrote: > On 03/11/10 13:29, Greg Freemyer wrote: >>> >>> But really.. isn't "hdparm --security-erase NULL /dev/sdX" good enough >>> ??? >>> >> >> This thread seems to have died off. If there is a real problem, I >> hope it picks back up. >> >> Mark, as to your question the few times I've tried that the bios on >> the test machine blocked the command. So it may have some specific >> utility, but it's a not a generic solution in my mind. > > .. > > Yeah, a lot of BIOSs do a "SECURITY FREEZE" command before booting, > which disables things like "SECURITY ERASE" until the next hard reset. > > So, on a Linux system, just unplug the drive after booting, replug it, > and usually it can then be erased. I have a client that wipes 10,000+ drives a month. (They do this as a service to banks, etc. as the machines they're in are retired, so they use 10,000+ machines to wipe those 10,000+ drives.) They tend not to open the case, just boot via PXE/USB/CD and run a wiping tool. Opening the case to do as you propose is not really acceptable. Also they still have a lot of IDE inside those retiring machines. fyi: If the wipe fails for whatever reason, they do open the case and physically remove/disable/sanitize the drive. Greg -- To unsubscribe from this list: send the line "unsubscribe linux-ide" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html