Sunday, November 11, 2007

Secure Disk-wiping Software

Many years ago when we were upgrading desktop computers, data-security on the outgoing hard-drives seemed a really low priority.

Out with the old and in with the new.

We were dealing with thousands of systems and we had a handful of staff.  For quite a while the policy was to do a format and fdisk on the drive.  Then we would place an electromagnetic bulk eraser over the drive or side of the case nearest the drive and wave it around for a minute or two.

Job done.

Only one day I decided to see just how effective the technique was. We tried the electromagnetic bulk eraser on a system right off the desk (not yet formatted/fdisked) and found that it didn't matter if it was held on the side of the case or directly over the hard-drive.  The system shrugged off the attempts and was fully bootable/readable.

Then we demonstrated that common freeware data-recovery software could easily view the data still on the formatted/fdisked drive.

Time to change the policy.

Today our policy is to do a 3-pass D.O.D. grade secure data wipe on all hard-drives that are either leaving our ownership or that are being reassigned to a new user.

Corporate and home users both need to be aware that data can be recovered off of drives.  Before they dispose/donate them, it is important to either pull and keep the drives or perform a secure data-wipe process on them.  With very few exceptions (usually reserved for only the newest drives and systems) effective disk-wiping can be a time-consuming experience. If that's a concern, just pull and keep the drive, or take a sledge-hammer to the platters.

Here are just a few of the best freeware products I know of to address these needs. I now carry all of these wipe-disks (in both a floppy and CD format) with me at work and home so I am ready to address just about any hardware configuration I am presented with for secure drive wiping.

The List

For the longest time we used Darik's Boot and Nuke (Hard Drive Disk Wipe) disk.  This old-standby (also known as DBAN) allows for creation of a boot floppy or boot CD.  It supports SCSI, IDE, PATA, and SATA disks and should be able to wipe just about any file-system from a drive.  You can use one of five preset wipe formats or set custom wipe patterns.

Lately, I've noticed it tends to run much slower on some of our latest laptop systems and has been having trouble when USB keyboards/mice are used instead of PS2 connectors.

A new application I have just started using is Terabyte Unlimited's CopyWipe.  While it can also do direct disk-to-disk copy work, I've found it a great tool in securely wiping newer systems.  It seems to handle newer hardware very well and works with USB keyboard/mice configurations.  Download the zip file and unpack.  You can then run the makedisk.exe file to create a boot floppy or boot CD ISO file.  Burn it to disk and you are good to go.  This application provides support for accessing the connected drive via (through) the BIOS, via the BIOS (directly), via USB2 connections, and for IEEE1394 devices.  You then have an amazing nine (9) wipe options to pick from, from a quick 1-pass wipe up to a 35-pass wipe.  Also included is a hardware-based wipe method for drives that support this built-in drive-wipe feature.

Third-up is the Center for Magnetic Recording Research (CMRR)'s Secure Erase (aka HDDErase).  There are some really interesting items here.  I really encourage anyone wanting more details on this area to read their whitepaper Disk Drive Secure Erase for User Data.  It discusses the issues and liabilities related to data security and destruction. CMRR Secure Erase Protocols also discusses some of these in more detail.  Definitely stuff for data-heads. You will have to create a boot-disk yourself then add the program file to it, or else download the Ultimate Boot CD ISO file and burn it to disk as it contains this utility (and tons of other clever things as well).  One thing going for Secure Erase is that it also supports "enhanced secure erase" modes on supported drives.  This works to effectively render the data on a drive inaccessible in seconds by changing the in-drive encryption key.  Even though the data is still on the drive, it cannot be read/accessed as the key that interprets that data from the drive has been irrevocably changed.

The last secure-wipe tool I have been using is CONVAR & PCinspector's e-maxx.  Download the installer or choose the pre-rolled ISO file and burn to disk.  It isn't very glamorous but it does the trick.

The latest Ultimate Boot CD ISO (v4.1.1) actually contains fully loadable versions of Darik's Boot and Nuke v1.0.7, CopyWipe v1.14, e-maxx v0.95, HDDErase v3.1, and the free version (4.1) of the Active@ Kill Disk Hard Drive Eraser application.

That's like five great wiping tools all on one CD.

I am also aware of Microsoft's DiskPart command-line utility (XP/Vista) that can be run with the "clean" argument.  Handy if you just have a Windows PE 2.0 or Bart PE boot disk lying around.

clean

Removes any and all partition or volume formatting from the disk with focus. On master boot record (MBR) disks, only the MBR partitioning information and hidden sector information are overwritten. On GUID Partition Table (GPT) disks, the GPT partitioning information, including the Protective MBR, is overwritten. There is no hidden sector information.

Syntax
clean [all]

Parameter
all : Specifies that each and every sector on the disk is zeroed, which completely deletes all data contained on the disk.

For more on this, check out this post, specifically section 4: A geeks guide for building and deploy the perfect Vista image.  That section contains a nice list of how to clean a drive and reformat it using diskpart.
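
To make the difference between "clean" and "clean all" concrete, here is an added example (not from the original post or from Microsoft's documentation): a Python check that scans a disk image for sectors still holding non-zero bytes. The sample image, the 512-byte sector size, and the model_clean / model_clean_all functions are constructed, simplified models of the behaviour quoted above, not DiskPart itself.

```python
import io

SECTOR = 512  # assumed logical sector size


def residual_sectors(dev, sector_size=SECTOR):
    """Return the LBAs of sectors that still hold any non-zero byte."""
    dev.seek(0)
    zero = bytes(sector_size)
    found, lba = [], 0
    while True:
        chunk = dev.read(sector_size)
        if not chunk:
            break
        if chunk != zero[:len(chunk)]:  # tolerate a short final read
            found.append(lba)
        lba += 1
    return found


def build_sample_disk(sectors=64):
    """Constructed 32 KiB image: an MBR plus three sectors of 'user data'."""
    img = bytearray(sectors * SECTOR)
    # One 16-byte partition entry (type 0x07) and the 0x55AA boot signature.
    img[446:462] = (bytes([0x80, 0, 2, 0, 0x07, 0, 63, 0])
                    + (1).to_bytes(4, "little") + (63).to_bytes(4, "little"))
    img[510:512] = b"\x55\xaa"
    for lba in (10, 11, 12):
        img[lba * SECTOR:(lba + 1) * SECTOR] = b"payroll-record;" * 34 + b"\0\0"
    return img


def model_clean(img):
    """Simplified model of 'clean': only the partitioning sector is zeroed."""
    out = bytearray(img)
    out[0:SECTOR] = bytes(SECTOR)
    return out


def model_clean_all(img):
    """Model of 'clean all': every sector on the disk is zeroed."""
    return bytearray(len(img))


if __name__ == "__main__":
    disk = build_sample_disk()
    for label, img in (("untouched", disk),
                       ("clean", model_clean(disk)),
                       ("clean all", model_clean_all(disk))):
        left = residual_sectors(io.BytesIO(img))
        print(f"{label:10s} non-zero sectors: {left}")
```

The same residual_sectors function accepts any seekable binary stream, so it can be pointed at an image file taken from a drive after wiping.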

Regardless of the method you choose, just use all this scrubbing-bubbles power carefully.  Once executed, these tools will make all the data on a drive effectively disappear and become unrecoverable...probably even for the best recovery experts and techniques commercially and secretly known (or not).

--Claus
