Wipe personal data from cell phones and PC

Discussion in 'privacy general' started by ronjor, Dec 27, 2007.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,768
    Location:
    Texas
    Article
     
  2. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,633
    Location:
    U.S.A. (South)
    Not sure about cell phones because the handset technology is relatively new where concerns wiping data, but i still would like to know the difference between say a D-Ban wipe that every article on earth refers to when this subject is brought up, compared to HDDErase which proports to access a HD's internal erase code, forcing some electronical means for so-called dissolving data completely and unrecoverable.
     
  3. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,097
    As I understand it, Secure Erase (aka hdderase) is a utility that can issue the drive's internal secure erase command, from the microcode on ATA hard disk drives in Intel architecture computers (PCs), whereas DBAN is a program that does not use this technique. Secure Erase now offers two methods, secure erase unit and enhanced secure erase (changes in-drive encryption key) - all other methods have been removed.

    The source code for DBAN is written in C, and the size of the source code download is some 37MB (.bz2). Unfortunately, the source code for hdderase does not appear to be available, but, the size of hdderase download is considerably smaller at 84 KB, while the download of DBAN ranges from 1.7MB for the Windows executable, and 2.1MB for the ISO image (both bootable).

    Secure erase is built into the hard disk drive itself and thus is far less susceptible to malicious software attack than external software utilities.

    The SE command is implemented in all ATA interface drives manufactured after 2001 (drives with capacities greater than 15 GB), according to testing by CMRR. A standardized internal secure erase command also exists for SCSI drives, but is optional and not currently implemented in SCSI drives tested.

    The DataSanitizationTutorial.doc which accompanies the download of Secure Erase is quite a very good read on vulnerabilities, etc. especially if you are paranoid about data security.

    DBAN is an example of what the above document refers to as:
    Software utilities that overwrite individual data files or an entire hard drive are susceptible to error or malicious virus attack, and require constant modifications to accommodate new hardware and evolving computer operating systems.

    Note: I have not tried either method, but Secure Erase is certainly the gold standard at hard drive wiping. I would use DBAN only on disks manufactured before and during 2001.

    Clearly, Secure Erase betters the DOD 5220 block erase which cannot erase reassigned blocks, and meets and exceeds the NIST 800-88 Secure Erase standard.

    -- Tom
     
  4. steve161

    steve161 Registered Member

    Joined:
    Nov 22, 2006
    Posts:
    681
    Location:
    New York
    Informative post lotuseclat79, but indulge my noobiness for a second.
    How exactly would a virus attack dban? Insert cd, reboot, wipe. The only window of opportunity would be between the reboot and program start, or can a virus survive the wipe? Is there an actual example of this happening?
     
  5. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    I think that you're wrong. IMO, that paragraph is talking about software like Eraser, R-Wipe and the like, which do the wiping from within the OS.
     
  6. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,097
    Hi lucas1985,

    I disagree. Wiping from inside the OS - as you state - is just as vulnerable to a malicious virus attact as the document from the Secure Erase website distribution.

    The Secure Erase utility, initiates a command on the hard drive which has no further interaction with the OS.

    -- Tom
     
  7. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,097
    Hi benny bronx,

    If a malicious virus has already penetrated the OS environment and is capable of attacking any one process such as a DBAN execution, it would have had to happen at a very low level in the OS such as when the initial drivers are loaded to override DBAN's actions, for example in order to survive. A virus may survive the wipe depending on where it is hiding, perhaps on reassigned blocks on the disk which DBAN appears to not support IMO, but may occur - I do not know for certain.

    -- Tom
     
Loading...
Thread Status:
Not open for further replies.