Slashdot Mirror

http://www.dban.org/ isn't DBAN anymore. Blanco bought the domain as some sort of bait and switch. Get DBAN from https://sourceforge.net/projec...

DBAN seems to be owned by the company posting the article as well - their front page links to Blancco software and has a comparison chart :

http://dban.org/download

Basically, they're capitalising on corporate dipshittery. It's impossible to attest to the destruction of digital data, because it's so readily copyable. If you must be sure that a given data vessel is unrecoverable, then physically destroy it - unless it's something exotic, it will be cheaper than all that paperwork.

There are some useful features there like license harvesting though - I presume a lot of people wipe a HD and then go "DOH!" as their expensive enterprise software licenses go up in smoke.

You don't need to do it under Windows though - burn a Linux USB and off you go.

Hell, there's a bootable image just for it : Darik's Boot and Nuke

Blancco are just capitalising on ignorance (and risk-aversion in the business community which only tends to regard something you pay for as being a safe bet, despite the usual license agreements which preclude the vendor having any liability anyway).

You don't have to buy a secure hard drive erasure tool, DBAN does a reliable job for most drives and is free. SSDs are a new kink in the mix that means that some really advanced tools could retrieve data from the drives, even after a complete wipe but, if you're going up against people that dedicated, I recommend a sledgehammer instead.

You need to know that it's corporate-grade spyware and malware, and that you shouldn't use it at all. Beyond that, look to the documentation for DBAN, which is the way I recommend to correct the mistake of installing it in the first place, to ensure not a single byte of it remains. From there please Google 'linux distributions' and find one that suits your needs.

http://www.dban.org/ shows it outdated and have a commercial product now? :(

Or just go whole hog DBAN on the drive.

http://www.dban.org/

Such a project already exists.

I'm a fan of Darik's Boot and Nuke. Quick and effective.

While I don't know what dban is

I've never used it. I normally use shred which appears to do the same.

http://www.dban.org/

Shouldn't the shop that supposedly "re-imaged" it busted for fraud? One also might wonder why an FBI agent is using internal FBI resources to "scrub" a non FBI machine that isn't part of an investigation. Finally, these morons don't know about DBAN???

I've been a Slashdotter for 15 years and I had never heard of DBAN until reading your comment and Googling it.

Yea, but do you run a computer repair shop? If not, it's fair to assume you've never heard of DBAN; however, if your income is based in an industry for whom re-imaging computers is standard practice, having not heard of DBAN is a nigh unforgivable offense (and a damn good reason to avoid your shop in the future).

From the front page of the DBAN website:

DBAN users should be aware of some product limitations, including: No guarantee that data is removed

and

Professional data erasure tools are recommended for company and organizational users.

Not as unforgivable now is it?

Shouldn't the shop that supposedly "re-imaged" it busted for fraud? One also might wonder why an FBI agent is using internal FBI resources to "scrub" a non FBI machine that isn't part of an investigation. Finally, these morons don't know about DBAN???

I've been a Slashdotter for 15 years and I had never heard of DBAN until reading your comment and Googling it.

Yea, but do you run a computer repair shop? If not, it's fair to assume you've never heard of DBAN; however, if your income is based in an industry for whom re-imaging computers is standard practice, having not heard of DBAN is a nigh unforgivable offense (and a damn good reason to avoid your shop in the future).

From the front page of the DBAN website:

DBAN users should be aware of some product limitations, including: No guarantee that data is removed

and

Professional data erasure tools are recommended for company and organizational users.

Not as unforgivable now is it?

I won't lie: any day one of these child porn scumbags is caught is a good day. Even so, the story makes no sense. The FBI doesn't know how to remove Spyware? Any technician worth their salt would run DBAN and that would be the end of it.

The current version of DBAN does not wipe the host protected area (HPA) of a hard drive and that is a perfect spot for spyware to hide.

He was trying to get to the GUI on DBAN.

http://www.dban.org/ Nuke it from a boot disk. Its the only way to be sure.

Will DBAN suffice?
Or will we need another program to wipe the cache?

Another question: Let's say data is partially written to a "bad sector", is it even possible to wipe it with random data?
Would this mean everything sent to such a drive must be encrypted before it is sent over the wire?

You're making a funny, but you still have the right idea. I wouldn't ditch any computer that contains my sensitive personal data without securely-deleting the hard disk. There are many software packages for doing this, but I can testify that Darik's Boot and Nuke is easy to use and does the job. And you don't need access to nuclear weapons!

Yeah, your former employers will have to re-install the OS. They will probably want to do that anyway. Actually, they're pretty stupid if they don't.

But in the future, I'd suggest avoid using a work computer for personal stuff.

Agreed. http://www.dban.org/ (although you should probably verify with your IT that they simply reimage old machines).

http://www.dban.org/ Works wonders :)

Boot it, Nuke it. http://www.dban.org/

Way too much work.

I see no need to send a working system back for RMA.

http://www.dban.org/

I could start by inserting the free Darik’s Boot and Nuke self booting CD, and wiping then hard drive. Then just to be extra thorough, I could shoot it several times with my .357 magnum. After that, I could take it back home and drop it off of a nearby hundred foot high cliff a couple of times. That should be more than adequate.

As BluBrick mentions, there are various alternatives to using a gun. After wiping the hard drive with Darik's boot and Nuke, I suppose I could just whack it repeatedly with the pointed end of our thick, heavy, 7 foot long steel digging bar, that I occasionally use for prying loose large rocks when digging by hand. The long, heavy steel bar, is an alternative to using a pick, when inserted into a crack, and prying loose large rocks.

A few blows with a sledge hammer would probably also smash the hard drive adequately.

Here is the link for getting the free Darik's Boot and Nuke self booting CD:

http://www.dban.org/

A few years back, I happened to visit my dentist's office just after he had all of his workstations upgraded. By the medical/dental s/w maintenance vendor's technician. While the tech was standing there, I asked my dentist what he was going to do with all his old PC's. Donate them to a local school, he said. I asked if there was any patient data on them. He told me that the vendor's tech had reformatted the hard drives, so that wouldn't be a problem. I asked him (within earshot of that tech) if he had ever heard of the 'unformat' command. I then suggested that he have the vendor investigate DBAN before letting these machines off the property.

I don't know who is responsible for the loss of patent data under HIPAA regulations. But I'd hope that vendors specializing in medical IT support would.

http://dban.org/

Enough said.

FOG is a PXE cloning solution. http://www.fogproject.org/ Install FOG and storage where you want backups, setup PXE IP on network, and input all MAC addresses you want backed up. Through web interface to clone all. When done backing everything up, put a .img file of DBAN on the FOG server. http://www.dban.org/ Configure it in the FOG PXE boot menu, and make it an option but NOT default. Add appropriate start up flags for the level of wiping you want. Restart all computers you want to wipe, and select wipe option after PXE boot menu comes up.

I suggest you set that option with a password, since it will be available on all computers, not just the one's with the MAC address since only the FOG boot authenticates to MAC, not DBAN.

There is software out there (like D-BAN) which will repeatedly overwrite the data on a hard drive, rendering it unrecoverable. Why not use that, rather than relying on encryption?

Some classifications of data require destruction of media. See NIST SP 800-88:

http://csrc.nist.gov/publications/nistpubs/800-88/NISTSP800-88_rev1.pdf

In NIST/DoD parlance, what DBAN is cleaning/purging; i.e., either overwrite, or invoke the SATA Secure Erase command. Degaussing is also classified as purging (though the disk becomes unusable AFAIK); degaussing is better suited towards tapes IMHO.

You also need to Validate that it has been done, and document that fact for each drive that has been sanitised.

The OP will have to ask the contract manager at what level the information is considered at (low, medium, high) and then make plans accordingly. If it's high security, one can simply purge the media if you want to re-use the media with-in an organization, but if you ever want to toss the disk (or even if it's in a RAID array and you need to replace because it died), you need to destroy it and record that fact.

So if your EMC/NetApp/Dell array has sensitive information, you can't send it back to the OEM if sensitive data ever touched it: you have to make arrangements with the OEM so that you can destroy it. Ditto for your laptop/desktop drives: if Lenovo/HP want/s the drive back, they can't have it as otherwise you'll be breaking your contract with the government.

There is software out there (like D-BAN) which will repeatedly overwrite the data on a hard drive, rendering it unrecoverable. Why not use that, rather than relying on encryption?

How do you verify that the software does this correctly, and that it hasn't been tampered with? What if a drive is mishandled and doesn't get wiped? And if there's a process to do this correctly and with no chance of failure, is it worth that effort to recycle some old hard drives?

Where I work, hard drives with less-sensitive data can be reused; other ones are ground up into little bits. Data cannot be recovered(*) from a thoroughly destroyed hard drive. What assurance is there for a software solution?

(*) To the best of my knowledge. Maybe NSA can piece together the dust of a hard drive, but I highly doubt it.

http://www.dban.org/

Dariks Boot and Nuke.

Set it to multi-pass with random data to wipe. One pass will be fine to destroy the data. Set higher to impress the management if you have the time.

Attach multiple pATA and sATA drives spread on as many buses as possible. It will run in parallel in those cases and thus finish quicker.

They support military and DOD level wiping (Many passes, many methods of generating patterns and randomness to interleave)

There is software out there (like D-BAN) which will repeatedly overwrite the data on a hard drive, rendering it unrecoverable. Why not use that, rather than relying on encryption?

rm -rf /

You really think data on disk sectors won't survive that?

Once over with DBAN as a minimum. Please.

Their servers probably have a DBAN disk in the boot drive ready to go.

Disclaimer: I feel a lot more detective work should have been done before raiding his place.I also feel the phrase "child porn" has become synonymous with "witch hunt".

Some people have guns and will use them. Taking them by surprise reduces the chances of someone getting shot. Secondly, anyone dealing with child porn and half a brain should have a copy of Darik's Boot And Nuke (or something similar) standing by ready to go on a moment's notice.

Wow, this was the stupidest way to get rid of an incriminating drive. Seriously, I do this with really old drives that I can't be bothered wiping, but this is the sort of thing you should be wiping.

Additionally, it doesn't even take much. Just get Darik's Boot And Nuke then boot from it, et viola.

Also remember, while DoD level security sounds awesome, I know from experience, one random pass is enough. If you don't believe me, you can read about it here page 1, page 2. It explains electron microscopes (the boogeyman of secure wiping), and other methods, will not, in all likelihood, be able to reliably retrieve, such that it could be entered into evidence.

Seriously, so stupid. Besides that, encrypt from the get go, and you're as good as done!

I've found Darik's Boot and Nuke to be sufficient: http://www.dban.org/

Have they tried DBAN?

Is it really? Perhaps I can get some education here. *nix systems come with a tool called shred, which overwrites a file multiple times with random data to provide secure deletion. We also have tools like dban, which will do basically the same thing to the whole drive. How securely do tools like these erase data?

Give DBAN a try. This tool never fails me for any kind of disk I throw at it.

http://www.dban.org/download

I'll enthusiastically second this. I have been running FreeNAS solidly for 2 months now. I have configured 5 x 1.5TB drives in RAID-Z2 configuration. That gives me 4.01Tb of storage, allowing for two simultaneous drive failures without data loss. My final build uses an ECS 945GCD-M(1.0) Atom 330 Micro ATX board with an Intel 1Gb PCI card; I had a lot of trouble getting the network working with a pure intel board (which did NOT have an Intel network controller on it, GRR). While a highly regarded SATA controller worked with the original Intel MoBo, it didn't with my current one, but a cheaper one does. I'm using a 400MW 80 Plus PSU, and Kill-a-Watt says I pull about 75W total while running, motherboard reports that it's running at about 30C. I have 4Gb of RAM, of which maybe 30% gets used, and CPU seems to be around 10-20% generally. Discounting the hardware that didn't work, it comes to about $1000. I also invested in $130 of UPS (which brought it through a 5 second mini-blackout), and a Gb switch. I get sustained 30-40MB/sec, both to/from Vista and Ubuntu systems over a wired Cat-5e home network; far more than needed for use as a HTPC.

ZFS is stunning. I was sure I was missing something when I set it up but - it's - just - that - easy. It's like encountering a bullet train after spending two decades using hand-drawn sledges to get around. Copy-on-write, self-healing, snapshots as easy as sneezing. RAID configuration that would fit into a Twitter message. Hot spares, automatic re-silvering when adding or removing disks. It's about 4 tech levels above what I'm conversant in, which does make me nervous; I have not tried to recover from a drive failure yet. I'd also like to move the OS off the ancient 30Gb boot drive and onto a flash disk, but want to make sure my tertiary backups (mostly external USB drives) are *really* up-to-date. FreeNAS allows export and import of configuration XML files, so hopefully that will be relatively easy.

I did learn that while you don't need to explicitly format the drives, if you have used them for a prior ZFS system you should wipe them before reusing them. I lost three weekends of my life to trying to configure OpenSolaris (the time would have been better spent getting femur piercings). In the process, I briefly had a four drive ZFS zpool. When I tried to build a pool with those plus one more in FreeNAS, Bad Things Happened. I had to use DBAN to clear off the drives, after which everything went fine. I earlier tried FreeBSD, but it refused to boot from a USB CD with the EliteGroup motherboard. Ah, and I did need to modify vm.kmem_size and vm.kmem_size_max, I think both to 4G. That can be done from the FreeNAS config page (99% of FreeNAS management is done from a webpage, similar to router configuration).

As for the $500 device to wipe the drive, this device is expensive because it's a little computer that does a "wipe" of the hard drive data to FIPS 142-2 and NIST 800-88 4 standards.

Well, after putting the drive through that it won't be usable by the copier anymore (unless copier will accept and format any plain-Jane drive, but I seriously doubt that), so why not just get DBAN's Boot N Nuke and be done with it? Or a hammer? Or a gun? Most of those cost less than $500 and meet the same security standards.

http://www.dban.org/download
http://www.dban.org/faq/software

As for the $500 device to wipe the drive, this device is expensive because it's a little computer that does a "wipe" of the hard drive data to FIPS 142-2 and NIST 800-88 4 standards.

Well, after putting the drive through that it won't be usable by the copier anymore (unless copier will accept and format any plain-Jane drive, but I seriously doubt that), so why not just get DBAN's Boot N Nuke and be done with it? Or a hammer? Or a gun? Most of those cost less than $500 and meet the same security standards.

http://www.dban.org/download
http://www.dban.org/faq/software

Many modern file-systems are "journaled" meaning that when you overwrite a file it isn't necessarily written back to the same place. Thus, to be sure a file is really gone you'd have to nuke all data on the drive. A slightly less paranoid approach would be to delete the files you don't want (including emptying recycle bin), then fill your hard disk with files full of 0's (or anything really), then delete those.

I'd put decent money on this: http://www.dban.org/. Possible attacks include:

1) Expensive magnetic probing -- they won't bother for just CP most likely, certainly not the incidental
2) Bad blocks sectors -- This could get the data back if you're unlucky, but I wouldn't worry too much about it.
3) Off sector writes -- I don't know if this actually works or not but I should list it.

Of course you have to physically destroy it to be sure, but if you write 0's over the entire hard drive there are very few people with the knowledge and tools to recover the data. You've already ruled out all those data recovery outfits, at that point it's the big-time spooks and they have bigger fish to fry.

What bugs me is the FBI just showing up and demanding to search my computer...I encrypt at root and I'm not crazy about giving up my data and keys, even if everything I have is legal to the best of my knowledge, they can always get you for /something/.

Talking about Windows, Format DOES NOT WIPE THE DRIVE. All a full format does is set up the file system, and does a read verify. It does not overwrite data portion of the partition.

A good tool is Eraser. http://eraser.heidi.ie/ Use it to securely wipe specific files when no longer needed. As well it allows you to wipe free space on the disk at any time, allowing you to wipe previously deleted files.

If the computer is deemed surplus, and you want to prepare the computer for resale, A PLAIN FORMAT IS NOT ENOUGH. That is how so much sensitive information is found on surplus computers. The data is still on the disk. Wipe it using a tool like DBAN http://www.dban.org/

As far as reading residual data, some people claim 35 passes blah blah blah. This is referencing Gutmann's work, which focused on old drives. It is not applicable on new drives with different encoding techniques and extremely high data densities, and he has said on new drives a single pass of pseudo-random is enough. Anything extra is a waste of time. http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html (read the epilogues)If there is truly confidential data on the disk, the only safe method is physical destruction to ensure nothing resides on remapped sectors, etc. Now, particularly if you have laptops, encryption of customer data is a good preventative measure, as overwriting of surplus hard drives does not help you when a laptop with customer data is stolen from an airport. Truecrypt http://www.truecrypt.org/ is a good encryption solution, though you need some 'workarounds' if you wish to be able to unlock users that have locked themselves out of their container file. It can also do full disk encryption (as can Windows Ultimate/Enterprise)

Note that many modern file systems use journaling or copy-on-write, both of which have the effect that writing to the same file does not necessarily write to the same block. DBAN takes care of this problem, though.

My Ass!

Dariks Boot and Nuke+Replace

"I just wonder if i should ever buy/use a used HD again ?!?"

DBAN it for a few days if that worries you. Electricity is cheap.

http://www.dban.org/download

Notice the lack of anger about the intrusive Apple QuickTime plugin, which fucks over Firefox's MIME handling and is practically impossible to remove.

Never heard of DBaN? Nothing is impossible to remove if you nuke it :o)

In your scenario, I'd recommend running DBAN

Dude - shred is used to write directly to the disk. No files or applications involved here.

The disk's data is completely gone.

What I typically do is stack up disks to be wiped in one box and when I get a bunch of them, plug them into a system with a bunch of IO controllers and boot up DBAN - Darik's Boot and Nuke. A lot easier than wiping disks one by one.

DBAN to the rescue!

http://www.dban.org/

Or use http://www.dban.org/node/68 - good enough for The Government Of Canada so good enough for these disks?