Built in HD Secure Erase vs wiping software

Discussion in 'other security issues & news' started by flinchlock, Jun 10, 2007.

Thread Status:
Not open for further replies.
  1. flinchlock

    flinchlock Registered Member

    Joined:
    Jan 30, 2005
    Posts:
    554
    Location:
    Michigan
    Dr. Gordon Hughes of The Center for Magnetic Recording Research (CMRR) has written a "Disk Drive Secure Erase" program...
    The "option" was removed in the 3.0 - Released 11/26/2006.

    Per page 8 of http://cmrr.ucsd.edu/Hughes/DataSanitizationTutorial.pdf
    The latest version...
    (all bolding/red is mine)

    Comments?

    Mike

    Note #1 There will be a new version 3.2 of HDDerase.exe because I discovered the 3.1 version does not work with my Seagate 40GB ST340823A... that drive does not support DCO (device configuration overlays are optional in the ATA specification).

    Note #2 Dr. Gordon Hughes is principal investigator of the S.M.A.R.T. and iStor/iDrive projects. :thumb: :thumb:
     
    Last edited: Jun 12, 2007
  2. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Interesting reading :thumb:
     
  3. herbalist

    herbalist Guest

    Other than its ability to recognize protected drive areas, I don't see where it has any advantages over Dariks Boot and Nuke. HDDerase, having the ability to recognize protected drive areas and not erase them is actually more of a concern for me. When I overwrite a drive, I want to know that everything is gone beyond recovery, not sitting in some protected partition. For myself, this is one type of utility where only Open Source will do.

    Who or what is going to attack drive erasing software, and why? About the only ones I can think of that would want to compromise drive wiping software would be an agency like the NSA or CIA (or a foreign equivalent). The only purpose I can think of is preventing it from working properly on certain areas containing data that interests them. Even if this were true, there'd be easier ways to do it, such as coercing the author to change the code. If someone just wants to kill your hard drive, there's plenty of malicious code that already does that, the KillDisk virus for one. I don't see where this app is "built in". It's a DOS executable that fits on a boot floppy. DBan does that. So does the DOS executable component of Eraser.

    Rick
     
  4. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    I think that you're misinterpreting that sentece.
    IMHO, he is saying that external software utilities may leave some readable data, which could be recovered by forensic tools (malicious software attack).
     
  5. herbalist

    herbalist Guest

    I'd be more inclined to expect that from some "built in" utility, especially one that identifies protected storage. I still don't see where DOS executable that's added to a bootdisk qualifies as built in. I'll stick with DBan and Eraser. I know they work.
    Rick
     
  6. flinchlock

    flinchlock Registered Member

    Joined:
    Jan 30, 2005
    Posts:
    554
    Location:
    Michigan
    Dr. Gordon said...
    I am assuming that ALL the DOS program is doing, is telling the drive perform the SE command contained IN the drives firmware... just like the simple spin-up and spin-down commands.

    I think this .pdf CMRR Protocols for Disk Drive Secure Erase will answer your questions.

    Mike
     
  7. EASTER.2010

    EASTER.2010 Guest

    Not to make light of any of this because it is always been interesting reading and moreover drives my own curiosity up another notch to see if there has been any better Full Wipe/Erase methods/programs than are already available.

    But another funny though occured to me. If ever in doubt, why not physically remove the HD from the case and pull the cover, then take it to the nearest scrap metal yard and request they latch onto it with their huge electromagnet for a few seconds to a minute or so.

    Something tells me that would do the trick.
     
  8. coolbluewater

    coolbluewater Registered Member

    Joined:
    Feb 10, 2007
    Posts:
    268
    Location:
    next door to Redmond
    In the time it would take to drive to the scrapyard, I can have that HD reduced to a smoldering blob with my oxy-acetylene torch. ;)
     
  9. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    Yes I use this.:thumb: It will make use of the commands in ATA drives. Although some bios deny the secure erase option by a freeze lock command on boot you can use bios tools or other work arounds.

    I use it for anything that survives a format or a redundant drive.
     
  10. flinchlock

    flinchlock Registered Member

    Joined:
    Jan 30, 2005
    Posts:
    554
    Location:
    Michigan
    Tutorial on Disk Drive Data Sanitization
    Mike
     
  11. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,097
    My understanding of Secure Erase is that nothing can be recovered after its use, and is certified by NIST and the NSA. I don't know if even DBAN's boot and nuke can make that claim, but I understand it is very good.

    Every hard drive mfgr subjects each hard drive to quality control testing to meet their minimum requirements for quality which discovers and imprints each disk with information about unusable sectors, i.e. not useable by the end user, such as sectors for use only by the mfgr to record reliability information about the useable sectors.

    Over time sectors degrade and are removed from normal operation of the hard drive when they fall below the criteria of a good "enough" sector according the the mfgr's criteria.

    I don't know whether Secure Erase touches that part of a hard drive, however, IMO its not worth bothering about.

    -- Tom
     
Loading...
Thread Status:
Not open for further replies.