Cleaning your hard drive - Erasing sensitive information
By ShockExcite Media Sdn Bhd
Dear ShockExciterz,
I'm sure many of you out there will not throw away your old hard disk unless you know absolutely that it's totally useless, down to the bits. Call it "kiasu", or the "heartache" of throwing them away... ahem... either that, or using it as an alternative source. However, in a recent study, a research team purchased roughly 100 hard disks off eBay and found half of them to contain sensitive information, including insurance records, biographical information about children, and even blackmailable material such as evidence of an affair. (To some, after reading this, you might be interested in borrowing or buying a secondhand hard disk after all? Well, unless you know what to do and how to do it...)
Apparently, those folks didn't know that with a Linux boot disk and a little patience, you can securely and easily erase your old hard disks.
[Image: computer graveyard]
The relics are starting to take up a lot of space and they need to go. But who knows what's on any of them — financial data, secret plans for world domination, etc. Whatever it is, I'm sure it's no good (or bonus for some?)
So what can you do to secure your information before selling or throwing away your old computer? Unfortunately, you need to do more than just format your hard disk. It's not even sufficient to overwrite and fill your hard disk with non-sensitive information. In 1996 Peter Gutmann published a paper describing techniques for making it as difficult as possible for an attacker to recover data from magnetic media. Basically, it comes down to scrubbing the disk a number of times with random data.
In addition to commercial software and services that do this, there are some free tools that can get the job done.
You may want to check out Darik's Boot and Nuke, which is a boot floppy that will automatically scan for hard disks and erase them. This is probably the easiest way to go, but it would scare the crap out of me having this disk anywhere in my house. Label it well.
For those who have their hands on a Linux OS, this is the route we recommend (those who don't can get help from Linux professionals through the internet). We tried using the shred utility that is part of the GNU fileutils package. Here's why I do it this way:
* It's available on most Linux boot CDs
* You can examine a disk before you erase it (regardless of the filesystem used)
* It works on any machine that will run Linux
Booting Gentoo From CD
We'll be booting from a Gentoo CD (www.gentoo.org/main/en/mirrors.xml) and then running a quick (err... slow) command to wipe the drive.
Like I said, the software we are using is part of the standard GNU fileutils package, so if you want to use a different flavor of Linux/Unix, that's fine too.
Download a Gentoo live CD. Just grab the ISO CD image for your platform. You can find it at /releases/x86/../livecd/install-x86-minimal.iso for PC users and /releases/ppc/.../livecd/install-ppc-minimal.iso for Mac users.
Then use your favorite cd burning app to write the image to a new CD-R.
Boot the CD and wait for the boot prompt to appear. At the boot prompt type the following and hit enter:
gentoo noX
Gentoo Linux will proceed to boot into command line mode.
A Note About Really Old Computers
[Image: hard disk piggy back]
Several of my old machines can't even boot from CD. The easiest thing to do in this case is just to unplug a newer computer's hard disk and connect the old drive to your new machine. I have a little mini-tower machine (from the Pentium MMX period... I'm sure most of you would remember) that I use all the time for stuff like this.
Just make darn sure you have disconnected all of the new machine's own drives first, so the only disk the wipe can touch is the old one.
Running Shred
In Linux, your first IDE hard drive is called /dev/hda, the second /dev/hdb, and so on. Assuming you only have one drive in your machine, you'll want to wipe out /dev/hda. If you have other disks, you'll need to run the same command for each of the devices.
If you are a *nix person, this would be a good time to mount your disk and examine it before you blow it away for good.
When you are ready to destroy your data, just type:
shred -vz -n 3 /dev/hda
This will write 3 passes of random data to your hard disk, followed by a 4th pass of zeros. It takes some time, so if you don't mind random (suspiciously random) data on the drive, you can skip the zeroing pass by omitting the z flag.
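The same wipe with two checks around it, as an added example that is not part of the original article: refuse to run if the target appears in the mount table, and confirm afterwards that the zeroing pass really left nothing but zeros. The function names and the MOUNT_TABLE variable are made up for this sketch; a regular file can stand in for /dev/hda when trying it out.

```shell
#!/bin/sh
# Added example: guard rails around "shred -vz -n 3 /dev/hda".
# is_mounted, is_zeroed, wipe_and_verify and MOUNT_TABLE are illustrative names.

MOUNT_TABLE=${MOUNT_TABLE:-/proc/mounts}

# Succeeds if the device, or any partition of it (/dev/hda1, ...), is mounted.
# Fails closed: an unreadable mount table counts as "mounted".
is_mounted() {
    [ -r "$MOUNT_TABLE" ] || return 0
    awk -v d="$1" 'index($1, d) == 1 { found = 1 } END { exit !found }' "$MOUNT_TABLE"
}

# Succeeds only if every byte of the target is zero, which is what the
# final -z pass should leave behind. Stops reading at the first non-zero byte.
is_zeroed() {
    [ -r "$1" ] || return 1
    leftover=$(tr -d '\000' < "$1" | head -c 1 | wc -c)
    [ "$leftover" -eq 0 ]
}

# Wipe with N random passes plus a zero pass, then verify the result.
# Returns 2 if the target is mounted, 1 if shred or the verification fails.
wipe_and_verify() {
    target=$1
    passes=${2:-3}
    if is_mounted "$target"; then
        echo "refusing: $target is mounted" >&2
        return 2
    fi
    shred -vz -n "$passes" "$target" || return 1
    is_zeroed "$target"
}

# Usage from the live CD prompt:
#   wipe_and_verify /dev/hda 3 && echo "wiped and verified"
```

The verification only makes sense when the z flag is kept; without the zeroing pass the drive ends on random data and is_zeroed will correctly report failure.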
Why only three passes? It comes down to a matter of time versus diminishing returns. There are actually some non-random patterns that can be written to certain types of hard disks that 'saturate' the media more effectively and can be used in-between random passes to further destroy any memory that your disk had of your scandalous data.
Still want the extra voodoo? Run this instead:
shred -vz /dev/hda
Be prepared to let this one sit for a while. For a large drive this will take all day.
Bad Drives
[Image: bad hard disk]
Sometimes you've got an old drive that just doesn't work any more. The one pictured above makes noises like there are some marbles loose inside. It's just a no-good, dirty hard drive, and it's got bad written all over it.
That doesn't mean, however, that there isn't still a wealth of data on those platters. Your level of paranoia will determine the best course of action, ranging from 'who cares?' to 'get the blowtorch'.
For those who are interested, you can download the document version for a complete, picture-based explanation.
ShockExcite Team
www.shockexcite.com/articles/harddrive.doc
Copyright Notice
This article is copyrighted by ShockExcite Media Sdn Bhd.
You may publish this article on your web site provided that no modification is
to be done to the article text, a link is provided to the article index page
(http://bizpartner.com.my/articles), and this copyright notice is included
in full.