Wiping Harddrive Securely

Discussion in 'privacy technology' started by Dregg Heda, Sep 29, 2009.

Thread Status:
Not open for further replies.
  1. Dregg Heda

    Dregg Heda Registered Member

    Joined:
    Dec 13, 2008
    Posts:
    830
    I am thinking of giving one of my older laptops away, can anyone suggest a free tool which can securely wipe the entire harddrive clean. Thus far I have been suggested DBAN. Any others? Will Heidi Eraser work in a situation like this or does it only delete files? Also will a DOD wipe suffice or should I go for a Gutmann wipe? Thanks.
     
  2. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    Referring to your other thread... Giving away an infected laptop, you probably should determine whether the system has a recovery partition or not. You should be able to see this under Control Panel>Administrative Tools>Computer Management>Disk Management. That will tell you whether a simple whole device or partition wipe is desired.

    DBAN is for a physical device, as is HDD Wipe Tool at HDD Guru, or Disk Wipe. If you simply want to erase files, Heidi is probably your best bet, but since that will be the system drive, I assume you'd want to slave it to another PC. At least if I understand what your trying to do (whole device wipe if no recovery partition, everything but the recovery partition if one exists).

    One overwrite is enough. You don't need DOD/etc.

    Blue
     
  3. Nebulus

    Nebulus Registered Member

    Joined:
    Jan 20, 2007
    Posts:
    1,582
    Location:
    European Union
    Unless you are giving away the laptop to NSA, a single zero pass should be more than enough :). As for the tool, I am also recommending DBAN.
     
  4. TheKid7

    TheKid7 Registered Member

    Joined:
    Jul 22, 2006
    Posts:
    3,469
  5. Keyboard_Commando

    Keyboard_Commando Registered Member

    Joined:
    Mar 6, 2009
    Posts:
    690
    DBAN + DOD 1 wipe

    Gutmann wipe will take forever.
     
  6. I no more

    I no more Registered Member

    Joined:
    Sep 18, 2009
    Posts:
    358
    Regarding the NSA, I have it on good authority that for drives less than 500 GB, a triple Gutmann should be sufficient (i.e. 105 passes). For drives greater than 500 GB, because of their increased aerial densities, a double Gutmann (sprinkled with some holy water and garlic) should be sufficient. But, who knows, these guys progress so quickly. A quadruple Gutmann may be required in the coming years. :p :D
     
  7. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    D-Ban will do just fine. It's all I use. For any normal system, one pass is plenty. If by some change you have files that would interest the NSA or CIA, you can use a few more passes or erase those individually before wiping the drive. Since no one really knows the extent of their recovery abilities, there's no way to know if more passes will make any difference. Other than taking more time, there's no disadvantage to using additional passes.
     
  8. Searching_ _ _

    Searching_ _ _ Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    1,988
    Location:
    iAnywhere
    Use D-BAN if you like spending lots of time wiping, 13 hours!

    I would suggest HDDErase, if you meet a few requirements:
    Want to wipe the HPA (it's where a recovery partition is located).
    Have Intel CPU (required by the software).
    HDD is connected to a primary channel (IDE or SATA).

    Benefits:
    10 Minutes per 100gb to wipe (average).
    Is equivalent to physical destruction!
    If HDD has built in encryption, then it supports Enhanced Secure Erase (320gb in 3 seconds) fast Fast FAST! Complete before you have a chance to stir the sugar into your coffee ( or tea for Loyalists).

    HDDErase is a program that access a chip on your HDD that wipes the hard drive.
    This means your HDD already has a wiping program built in at the hardware level.

    Some interesting info:
    Web security, Privacy and Commerce
    By Simson Garfinkel, Gene Spafford

    40% of the size of a drive for badblock remapping?
    Does that mean that for a 100gb drive there is an additional 40gb for remapping?
     
  9. Dregg Heda

    Dregg Heda Registered Member

    Joined:
    Dec 13, 2008
    Posts:
    830
    Hi guys,

    Thanks for all your responses. Anyway I checked my computer per Blue Zannetti's suggestions and I found no recovery partition. I also tried to access it via the steps suggested on the manufacturers support page and failed to access it. Does anyone know where i could a free, safe and secure download of windows XP? Hopefully I can activate it with the product key of my current install of XP.

    Searching:

    What algorithm does HDDErase use to securely erase the drives? DOD? Gutman wipe?

    Also the issue of hidden reserved storage shouldnt matter since HDDErase will erase the entirsty of the drive includiing any and all hidden partitions right?

    Out of curiosity will the hidden reserve storage areas be known to/accessible to the admin under normal circumstances? Are there any software that can enable one to uncover/access this area and whatever it may contain?

    Thanks in advance.
     
  10. Searching_ _ _

    Searching_ _ _ Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    1,988
    Location:
    iAnywhere
    Secure Erase Algorithm

    HPA is not accessible from OS without special software. I haven't searched for any of these softwares, so I don't know much about them.
     
  11. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    Do you care to provide proof or techniques from which the NSA can retrieve data that has been overwritten once with zeroes? I have seen experiments done with electron microscopes and the researchers were *not* able to recover anything.

    To the OP: It should be said that another good "wiping" technique is to encrypt the whole drive with AES-256 and a 63 character random password. It is much faster than wiping the thing and will be just as secure (if not more so).
     
  12. I no more

    I no more Registered Member

    Joined:
    Sep 18, 2009
    Posts:
    358
    I was kidding. I don't believe that something overwritten once can be recovered. I've probably said that a hundred times. No one ever listens. That being said, having a triple Gutmann become standard would amuse me.

    I use TrueCrypt if I need to wipe something. Then I overwrite the header for good measure.
     
    Last edited: Oct 1, 2009
  13. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    I think that if we look hard enough..., an in-depth discussion on the advantages of a prime number multiple of Gutmann passes (lovingly termed the Prime Gutmann...) will be found somewhere.... :)

    Blue
     
  14. Dregg Heda

    Dregg Heda Registered Member

    Joined:
    Dec 13, 2008
    Posts:
    830
    But HDDerase will erase the HPA and all other hidden partitions as well right?
     
  15. Dregg Heda

    Dregg Heda Registered Member

    Joined:
    Dec 13, 2008
    Posts:
    830
    I want the drive to be used after wiping, I assume I wont be able to do this if I use encryption? Thanks.
     
  16. I no more

    I no more Registered Member

    Joined:
    Sep 18, 2009
    Posts:
    358
    Of course you will. TrueCrypt does the exact same thing as wiping software (literally). It simply overwrites every sector with pseudorandom data. Then you can install your OS over that (to destroy the encrypted volume). All good OTFE software should also function as wiping software. However, I don't believe HPA and DCO hidden sectors can be overwritten by these programs. But if you were the original owner of this hard drive, you should know if these exist.
     
  17. Countermail

    Countermail Registered Member

    Joined:
    Aug 7, 2009
    Posts:
    167
    Location:
    Sweden
  18. yankinNcrankin

    yankinNcrankin Registered Member

    Joined:
    May 6, 2006
    Posts:
    406
    Certain manufactures have some machines set up to not allow access to HPA & DCO. You can try and use this http://www.jetico.com/wiping-bcwipe-total-wipe-out/ 30 day full functioning, burn the ISO or make a bootable USB, this program will tell you whether or not you can gain access to the HPA or DCO areas of your HD if they exist. If not you'll have to try another method, but I think this is easiest if you can't get HDD erase to run.
     
  19. Searching_ _ _

    Searching_ _ _ Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    1,988
    Location:
    iAnywhere
    When you run HDDErase, via UBCD or your own boot disk, if an HPA is present (Extended LBA) it will ask if you would like to wipe that also.
    It does not just wipe it, but gives you the option to.

    Alternatively, on Linux, hdparm can access the security erase chip, as long as there is not a BIOS freeze lock. (With hdparm, my 250GB drive takes about 88 minutes.)

    If there is a BIOS freeze lock, implemented to prevent malicious wiping, only thing to do is to place HDD into another PC for wiping that does not use a BIOS freeze lock for Secure Erase Function.

    I do know about softs to manipulate HPA's, though not how to use the HPA as storage:

    An alternative solution, Seatools v1.09; It offers the ability to reset Max Native Address Size. If an HPA is present Seatools will state Drive Size =xxxx Native Size =YYYY, difference from x to y is the hidden partition. Reset to Native Max and then wipe.

    If you read a lot of posts about wiping, you will notice a lot of conflicting or confusing points of view about the best method or software. The amount of conflicting or confusing points inspired me to find real answers instead of garden fertilizer.
     
  20. yankinNcrankin

    yankinNcrankin Registered Member

    Joined:
    May 6, 2006
    Posts:
    406
    quote Searching HPA is not accessible from OS without special software. I haven't searched for any of these softwares, so I don't know much about them.

    Then.....I do know about softs to manipulate HPA's, though not how to use the HPA as storage:

    An alternative solution, Seatools v1.09; It offers the ability to reset Max Native Address Size. If an HPA is present Seatools will state Drive Size =xxxx Native Size =YYYY, difference from x to y is the hidden partition. Reset to Native Max and then wipe.

    If you read a lot of posts about wiping, you will notice a lot of conflicting or confusing points of view about the best method or software. The amount of conflicting or confusing points inspired me to find real answers instead of garden fertilizer.

    LOL good work mate you really sound like an expert. :D
     
  21. Searching_ _ _

    Searching_ _ _ Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    1,988
    Location:
    iAnywhere
    Under 40 years old is Brain Fade, over 40 years old and it is Mentalpause. :D

    Rather than edit the post I chose to correct by reposting.
    Hopefully I did not conflict or confuse anybody.

    Speaking of waffling, could you pass the syrup, blueberry please.
     
  22. nikhil_spunky

    nikhil_spunky Registered Member

    Joined:
    Sep 28, 2009
    Posts:
    15
    Location:
    India
    use ccleaner and tuneup utilities...
     
  23. enrico

    enrico Registered Member

    Joined:
    Oct 15, 2009
    Posts:
    25
    afaik, this whole "rewrite your hdd 10.000 with random pattern" is a ridiculous hoax. Just ask the experts of a data recovery center.
     
Loading...
Thread Status:
Not open for further replies.