Slashdot Mirror
Study: 78% of Resold Drives Still Contain Readable Personal or Business Data (consumerist.com)
itwbennett writes: Blancco Technology Group, which specializes in data erasure, bought 200 secondhand PC storage drives (PDF) from eBay and Craigslist to see if they could recover any of the old data saved inside. Their findings: 78 percent of the drives contained residual data that could be recovered, 67 percent still held personal files, such as photos with location indicators, resumes and financial data, and 11 percent of the drives also contained company data, such as emails, spreadsheets and customer information. Only 10 percent had all the data securely wiped, Blancco said. The Consumerist points out that Blancco makes their money from promising secure data erasure, so the company has a "strong and vested interest in these results." As for why so many of the drives contain unwanted information, the report says it has to do with the difference between "deleting" data and "erasing" data. Your files aren't actually deleted when you drag them to the Trash or Recycle Bin, or by using the delete key -- shocking, I know. You can format a drive to erase the data, but you have to be careful of the format commands being used. A quick format, which was used on 40% of the drives in the sample, still leaves some residual data on the drive for someone to possibly access. A full format, which was used on 14% of the drives, will do a better job in removing unwanted files, but it too may still miss some crucial information. The solution Blancco recommends: buy a tool to perform complete data erasure.
dd if=/dev/zero of=/dev:sdb
or for the paranoid
dd if=/dev/urandom of=/dev/sdb
Why buy an expensive product when a simple one-liner will do the same job
Delete the block containing the keys.
For this threat model, this is the perfect answer (if you trust the encryption, that is).
No need for some "secure erase" snake oil.
Loads of free open source options available for this specific task.
In linux just dd it over with zeroes. Yeah, I know all the paranoid stories about the nsa being able to read the previous value of a bit using advanced magic. Even if that would be possible it would be way too expensive just to recover someone's bedroom pictures.
If the data on your old disk so so sekrit that you need to worry about that, don't resell it. Smash it with a hammer. You can't trust *any* erasure method fully, because disks contain controllers and spare storage and caches. You'll never be sure you got it all.
You don't have to buy a secure hard drive erasure tool, DBAN does a reliable job for most drives and is free. SSDs are a new kink in the mix that means that some really advanced tools could retrieve data from the drives, even after a complete wipe but, if you're going up against people that dedicated, I recommend a sledgehammer instead.
"Be particularly skeptical when presented with evidence confirming what you already believe." -
There's some real weird people out there. Much better that the cookie cutter "pro" stuff.
Why do people even sell old hard drives, let alone BUY used drives that may be full of bad sectors or viruses?
-=This sig has nothing to do with my comment. Move along now=-
The article says:
"A full format — used on 14% of the drives — will do you a little better, but may still miss crucial information."
What crucial information may still be missed?
What's with this Ad posing as an article... Anyone who even remotely know anything about computers, know about Dban.
Paper I read stated that with 2 full random wipes of a hard drive, the chance of successfully recovering a 32bit piece of information (an IPv4 address) was in the 4..6% range. Chance drops to less than one percent if done as follows: Delete file in OS, use the drive for a few days, two wipes.
If that's not good enough, you go to 3 or 4 wipes with pseudorandom. The chance of getting 32 bits back then is about the same as hugging Jackie Chan. If more peace of mind is needed, you're better off shredding that hardware.
Windows has an uncountable amount of programs that allow for disk wiping. If you're using a Linux distro, you've got at least two packages on your system that allow you to securely wipe drives.
Laziness is the cause here, not because your licence cost wasn't in the thousand dollar range.
I really miss the wit of the old editors in the "from the xyz dept".
If the data in 22% of disks were unrecoverable, either the drives were broken, or the previous owner was very paranoid, or they have been used to store something very valuable.
a) "duh" to the entire article
b) Is Faildot selling ads masquerading as articles these days?
I already bought a data erasure tool years ago, it's my trusty 16oz ball peen hammer.
Have you ever fallen asleep at the keybhanusdiog?
"Craigslist" and "Hard drive" used in the same sentance I'm expecting either an interesting story or a punchline at the end of it.
1) Use one of the many freely available utilities to overwrite the entire drive
2) Use a script to fill the drive with randomly named copies of goatse, tubgirl and other such wonderful images. Throw some of them into other document formats as well, just to keep things interesting. For added fun, make sure all the MS office documents are infected with macro viruses. Bonus points if the random names are made using a list of enticing words like "password", "private", "taxes", "accounts", etc.
3) Delete all the files and sell the drive.
Anyone who recovers the files and looks at them will immediately regret it.
Paper I read stated . . . . . . .
One of the problems in this area is that people are writing papers based on information that was true 20 years ago but is no longer valid today, due to the massive increase in bit density of modern hard drives. A single wipe renders data unrecoverable, even with super-secret NSA government magic.
I have a hard time seeing how it is worth the effort to sell an old drive. They are worth so little on the used market that it generally seems to make more sense to either toss them in the closet to rot in peace, or seek out a place that can properly dispose of them.
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
78% of Crapdot stories are worse under the new editors.
What's your baseline? Because if you mean Dice time, I completely disagree.
The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
This story bugs me in part because there's a pretty blatant conflict of interest.
The Consumerist points out that Blancco makes their money from promising secure data erasure, so the company has a "strong and vested interest in these results."
There's every reason to want the results to seem as severe as possible because that drives sales. While not necessarily invalidating the results, it's like trusting Coca-Cola to impartially study the effects of sugary drinks on health, ExxonMobil to study the impacts of burning fossil fuels on climate change, or the makers of any dietary/weight loss supplement to study the health effects of their product. There are always ways to tweak the methodology to get the desired outcome. With this study, the obvious way to bias the results is to buy hard drives from people who might appear to be more or less technically skilled based on the content of their listing and profile.
I'm not saying that there's such a bias here but the possibility has to be considered. That's the problem with these types of studies. And when it's linked to a product like that, it reads very much like a Slashvertisement. I don't actually think Slashdot received any money for this story or any others, but I don't think it's good journalism.
The details of their bank account for you to send money to.
All of it. A full format re-writes the file tables and the sectors but, the data is still there and can be pieced back together. It's really hard to reassemble files if they are badly fragmented but, you can capture the majority of data, especially for common file types. Images are really easy to pull. Videos are hard to get intact due to fragmentation but, you will get, at least, some of it. In order to clear the drive, you have to, at minimum, write 0s to every bit on the drive. That requires either a tool like DBAN or some of the linux commands suggested in these threads. That'll keep the standard wannabe data thief on ebay or the pervy guy at Best Buy away from your data. If you're up against anyone more serious than that, destroy the drive.
"Be particularly skeptical when presented with evidence confirming what you already believe." -
Can Intelligence Agencies Read Overwritten Data?
Daniel Feenberg
National Bureau of Economic Research
Cambridge MA
Claims that government intelligence agencies can recover overwritten data on disk drives have been commonplace for many years now. The most commonly cited source for this claim is a paper, "Secure Deletion of Data from Magnetic and Solid-State Memory", written by Peter Gutmann in 1996. Gutmann believes that an overwritten sector can be recovered under examination by a sophisticated microscope and this claim has been accepted uncritically by numerous people.
However, all of the references cited by Gutman refer to experiments where Scanning Tunneling Microscopy was used to examine individual bits, and some evidence of previously written bits was found. Although there is a lot of literature on the use of Magnetic Force Microscopy(MFM) or Scanning Tunneling Microscopy (STM) to image bits recorded on magnetic media, the apparent purpose point of this literature is to test and improve the design of hard drive read/write heads, not to retrieve overwritten data. While I agree that overwritten bits might be observable under certain circumstances, Gutmann doesn't cite anyone who claims to be reading the under-data in overwritten sectors, nor does he cite any articles suggesting that ordinary wipe-disk programs are not completely effective.
Gutmann claims that "Intelligence organizations have a lot of expertise in recovering these images", but, out of the 18 references in his paper, none refer to anyone actually doing that. Subsequent articles written by many other authors do make that claim, but they only cite Gutmann. Charles Sobey has written a paper "Recovering Unrecoverable Data" with some quantitative information on this point. He estimates that it would take more than a year to scan a single hard drive platter with current MFM technology, and tens of terabytes of image data would have to be processed.
In one section of Gutmann's paper he suggests overwriting with 4 passes of random data, probably because he anticipates using pseudo-random data that would be known to the investigator. However, a single write is sufficient if the overwrite is truly random, even given an STM microscope with far greater powers than those in his references. In fact, data written to the disk *PRIOR* to the data whose recovery is sought will interfere with recovery just as much as data written after -- the STM microscope can't tell the order in which data is created. It isn't like ink on paper, where later applications are physically on top of earlier markings.
After posting this information to a mailing list, I received a reply suggesting that the recovery of overwritten data was an industry, and that a search on Google for "recover overwritten data" would turn up a number of companies offering this service commercially. Indeed it does turn up many firms, but all are quite explicit that they can only recover "overwritten files", which is quite different from overwtitten data. An overwritten file is one whose name has been overwritten, not its sectors. Likewise, partitioning and formatting typically affect only a small portion of the physical disk, leaving plenty of potential for sector reads to reveal otherwise hidden data. There is no implication in any of the marketing materials that these firms can read physically overwritten sectors.
Of course it has been several years since Gutmann published his original paper, so maybe microscopes have gotten better? Yes, but data densities have gotten higher too. I spent some time looking at STM websites and failed to find a single laboratory claiming it had an ability to read overwritten data.
Recently I was sent a piece by Wright, Kleiman and Sundhar (2008) who show actual data on the accuracy of recovered image data. While the images do include some information about underlying bits, the error rate is so high that the results are nearly useless, with recovery of maybe one word out of several thousand.
The requirem
For clarification, it's not unrecoverable. It's just so cost prohibitive and time consuming to recover it that recovery is unreasonable. A subtle difference but, important if they want you bad enough that they're willing to throw years and millions of dollars away to get you.
"Be particularly skeptical when presented with evidence confirming what you already believe." -
Think of a disk as a stack of paper. A 'format' operation would claim the first few sheets for itself and clear them entirely to make room for a future table of contents while only scribbling a tiny page number at the bottom of all the other sheets for future reference from the aforementioned TOC. This action would indeed touch every page in the stack, but it would leave the vast majority of the pages' surfaces untouched. Any writing that's already present on the pages would remain there unscathed, it just won't be accessible through the freshly created TOC anymore. Yet anyone willing to just start reading the pages themselves would be able to gather information from them. It may not be convenient and stuff may be shuffled quite badly, but the information won't be gone.
Transposing this anology back to computer storage, you need to make sure that every available bit is overwritten in order to get rid of information that was previously there. Overwriting with zeroes is considered by many to be sufficient, while others claim that some residual information will remain. This can be countered by writing absolute garbage to every bit so that any residual information will drown in the sea of noise created by the randomness.
The interesting part is the question of how to be sure you're actually able to overwrite *EVERY* single bit of writable information on the device in this manner. Modern drives contain all manner of clever tricks like wear leveling (SSD's), caches and remapped sectors that your operating system won't necessarily know anything about. So for all intents and purposes you may tell your drive to overwrite every single bit of information present, you can't be 100% sure it will completely obey this command.
A threat like this is highly theoretical though. If your infosec is up against an adversary with the capability to squeeze usable data from residual caches and relocated sectors of a drive, you have much bigger problems. For all intents and purposes, you should completely overwrite the drive with random bits before reusing it and be done with it. If you absolutely require anything more, you should physically destroy the drive medium itself. In this case, however, I'd also hire someone competent to actually secure your entire operation because you're probably facing much bigger problems than this.
As mentioned earlier, dd does a fine job of zeroing drives making any actual data recovery nearly impossible. For those that don't trust or understand how to use dd, there is the DBAN live cd which you can set to run multiple passes with zeros or random data etc and doesn't require any real computer knowledge to run.
One of the things I do is data recovery and I can say with absolute certainty, one pass with zeros IS enough to prevent any useful data from being recovered.
I use "shred", part of coreutils on Fedora. I wouldn't be surprised if it was common on other distros.
It is wipe. Prefer DOD wipe.
I've not been impressed with the editing, as well, but I find the moderation to be much more disruptive these days. I've had to start browsing at -1 all of the time just to see perfectly fine comments that are at -1 for some reason. It defeats the purpose of having a mod system if I have to disable it all the time, ya know? Once a good comment ends up at -1 it's like it never gets seen by the mods again, so it will likely remain at -1. I think that anyone with mod points should automatically be shown the -1 threshold view so that they see all comments. At least that allows for the comment to possibly be modded up to its rightful score. Otherwise some other way is needed to get wrongly -1 comments back up. Maybe any comment that's at -1 ends up at 0 again after 10 minutes for instance. Well regardless of how it's fixed this is a problem that needs to be fixed. Most submissions here get well under 100 comments, and nearly all are below 200. It's not 2001 any longer, when many submissions here would easily get 500 or more comments. Comments are scarcer now, so their value is higher. That's why a badly modded comment is a serious problem now. We need to see good content, not have it suppressed.
We do all the above. Then run a very powerful electro-magnet over it. Then smash with sledge hammer.
The scrap price of drives isn't worth having our info seen.
Rather than buy... Use Darik's Boot and Nuke.
ou still have to cope with Blancco's ads, but it does do the job
Y
The source is bias, but using a second hand drive is as bad for the buyer as it is for the seller.
old data could be exploited.
back doors/exploits could be pre-installed.
it isn't worth it.
storage is cheap, buy new from a reputable source.
DBAN will boot and nuke all data, with many options of overwriting.
It's free. Works independent of the OS.
At least for hard disk drives, what happened to just using the low level tools? .iso file that is distributed.
Historically it was dead easy to run them from DOS. Still looks like it's possible, e.g. with Seagate it's an
See there, page 6/20, section G. : (an emphasis added)
http://www.seagate.com/files/s...
Seagate is not responsible for lost user data. Erase Drive is available for Seagate or Maxtor drives only. ... BLAH BLAH BLAH
Five choices are available under this section:
Secure Erase. This method uses the drive firmware to erase the data by overwriting the data
with zeros. In Enhanced Erase mode, all previously written user data shall be overwritten,
including sectors that are no longer in use due to reallocation. Secure Erase requires a user
password to run which is deleted at the conclusion of the procedure. If your drive does not have
a user password, SeaTools for DOS will set a temporary password "idrive" without the quotes.
This password will be removed at the end of the Secure Erase so you never need to actually use
it to access your drive. If
No idea if you have a UEFI computer, maybe you need to use BIOS emulation, maybe it works, maybe it doesn't because you lack BIOS emulation etc.
But then, they've got a Windows version as well. The pdf for that is harder to read says it's from October 2015. It has a changelog.
It's more terse but says stuff like :
http://www.seagate.com/files/w...
- SED Crypto Erase
Self-Encrypting Drive Instant Secure Erase. If the drive supports hardware
encryption, this menu will be displayed. Like Full Erase this command will permanently destroy
access to all user data on the drive, but will do so by the erasure of the drive encryption key which
takes less than one minute to complete. Both SAS and SATA drives are supported, but the boot
drive should not be listed as an available choice.
- Sanitize Erase
Write zeros to all user data sectors on the SATA drive including unallocated and
cache sectors. This command is mostly found on SSD drives
Failing vendor tools, see what the FLOSS punks have
https://tinyapps.org/docs/wipe...
So, a quote, with a bolding on what I thought was fun.
Explanation
According to National Institute of Standards and Technology (NIST) Special Publication 800-88: Guidelines for Media Sanitization, Secure Erase is "An overwrite technology using firmware based process to overwrite a hard drive. Is a drive command defined in the ANSI ATA and SCSI disk drive interface specifications, which runs inside drive hardware. It completes in about 1/8 the time of 5220 block erasure." The guidelines also state that "degaussing and executing the firmware Secure Erase command (for ATA drives only) are acceptable methods for purging."
Benefits
Can securely wipe most PATA/SATA hard drives manufactured this century
Reportedly restores peak performance to SSD drives (though SE fails to securely wipe some SSDs) [hummm...]
hdparm/Linux offers much better hardware support than HDDErase/MS-DOS
Overwrites blocks marked as bad by the hard drive (which DBAN and similar tools ignore)
Though speed (vs. block erase wiping tools like DBAN) is often cited, the difference is negligible.*
I concur. Dice was Ramsey Bolton and the question is whether current management wants to be Reek, Theon Greyjoy or John Snow.
They started off doing a good Theon impression but I'm seeing more and more Reek with purposefully clickbait written article summaries recently.
Democracy is a sheep and two wolves deciding what to have for lunch. Freedom is a well armed sheep contesting the issue
Or buy DBAN. Oh wait... That's free.
Just use disk encryption.
I've been using /dev/target
shred -vf -n 1
myself to overwrite with pseudo-random data. Seems to come with pretty much every Linux distro, and appears to be purpose-built for secure erasure. It supplies a regular progress update, allows for multiple passes (hence the 1, it defaults to 3), and even allows for a final "zero pass" for the paranoid who want to hide the fact that they did a secure delete.
--- Most topics have many sides worth arguing, allow me to take one opposite you.
For further clarification, I once read about that story after I was pointed out I was wrong to believe in it.
Even back then it was a rather speculative paper, and consisted in looking after every single bit trying to find remanence, like, mmmm.... I think there's 70% probability there used to be a 1 here.
So I'm feeling like it has never been possible, but we could wonder what can be done today, if throwing millions of dollars at an old 20MB or 10MB hard drive.
...but my father in law uses his backhoe bucket or dozer (depending on what he has fired up at the time of need) to flatten them.
I always thought thermite sounded fun.
easy. Blancco is too expensive for their options. I wipe HDD's all the time, and these two options cover all the bases.
work just fine for me.
Several of my clients are in the data discovery business, recovering data from old drives for use in trials, lawsuits, insurance claims, etc. There is *nothing* they can't get off a drive, even one erased with the current DoD spec'd tools. I know, I saw them do it as a demo for us. They took a drive filled with data and ran an eraser over it that over wrote with 0's, 1's, and random data 20 times (not in front of us, that takes forever). The tech then took the drive apart and realigned the heads a bit and recovered about 40-50% of what was there.
You *can not* totally erase a drive with software. The only way is to erase it first, degauss it, and then drill holes in it. Nuke it from orbit, it's the only way to be sure.
I never throw away an old or damaged hard drive. They're small, so I can keep all of them in a little copy paper box and they make excellent emergency backups of old data.
I am Homer of Borg, resistance is - Ooo Donuts!
CompSurf came with the Old Novell Netware. It wrote every combination of 1s and 0s to every byte on the drive. 20 megs took overnight.
But it no old data would come back from that.
Your average Slashdotter cannot lift a sledgehammer.
I vote for Reek, because cutting the editors' dicks off would be hilarious
For further clarification, I once read about that story after I was pointed out I was wrong to believe in it.
Even back then it was a rather speculative paper, and consisted in looking after every single bit trying to find remanence, like, mmmm.... I think there's 70% probability there used to be a 1 here.
So I'm feeling like it has never been possible, but we could wonder what can be done today, if throwing millions of dollars at an old 20MB or 10MB hard drive.
Everyone keep in mind that some of your more sensitive information like bank account numbers, government ID, um... photographic evidence, has a long shelf life.
So a simple wipe isn't just protecting you from thieves today, it could be protecting you from thieves with a $50 SSD recovery tool years from now, or not if we find out SSDs today are doing something very insecure by future standards.
Discuss.
No. Go back to 4chan.
Regardless of whether Gutman's claims in 1996 were valid back then, they fundamentally relied on loose manufacturing tolerances of certain mechanical attributes of the drives of that era. Drive tech has completely changed in the last 20 years in the race for increased data density, and those old faults are no longer relevant.
That said, if you want to keep your data safe today, there are a few things to consider:
1. Drives are made for reliability as a primary goal, not secure erasure. A drive that detects a fault will silently place a new copy of the data on a sector reserved for migrating away from bad sectors, leaving the original data in place, never to be overwritten again. No "secure delete" operation will be effective on it.
2. NIST recommends that when security is your main concern, you should be encrypting the data on the drive. When it comes time to wipe the drive, simply erase all copies of the key.
3. If you have any doubt about your ability to wipe a drive, physically destroy it. The risk is rarely worth the $20 you might get for it on the resale market.
John
This does the job, with options aplenty, free and open source: http://eraser.heidi.ie/ Personally I never resell any drives whatsoever, I would rather keep obsolete drives in a drawer.
Remember kiddies:
Don't just format - zero out.
--zero_out
I like DBAN. I've never had issues with it, and you can't beat the price.
Some SSDs use lossless data compression (analogous to gzip) to pack more sectors into fewer physical pages so that they don't have to spend quite as much time erasing pages. To avoid this possibility, you might want to use a cipher to generate noise that the drive's firmware cannot compress.
(1) is even more relevant for SSDs.
(2) is of course the best advice, but many avoid crypto because it can make it hard to recover files even knowing the password, and it can be hard to find a good crypto solution that works on boot if you still use Windows.
(3) is the most relevant for this particular article, and sort of shows why this discussion is unlikely to help many people- no one contributing to this discussion will ever sell a hard drive of theirs.
The best secure deletion method appears to be a claw hammer, some goggles, and a few spare minutes. But I'm puzzled that ANYONE would sell a used hard drive. Your data could be there, and the drive could fail shortly after transfer, leaving the purchaser or giftee pretty well stuck.
Go back to 4chan.
Never been to 4chan or related sites. Been a Slashdot user since 1998. Now you can fuck off.
I love breaking down used HDDs for the magnets, though it makes resale problematic.
The solution I recommend: buy a tool to perform complete data destruction. A large sledgehammer works nicely.
"Shall we play a game?" -W.O.P.R.
There's every reason to want the results to seem as severe as possible because that drives [Blancco] sales. While not necessarily invalidating the results, it's like trusting Coca-Cola to impartially study the effects of sugary drinks on health .. [etc],
It does not matter what the exact percentage is. The point is that many people sell used HDDs with data still present and that people should be more careful; would you argue with that? I can vouch that people do sell used HDDs with data on, having bought a few myself, and even if I happened to buy the only used HDDs ever to be sold in the World with data on them, unlikely as that is, the message to be careful is still valid.
Your claimed parallel with Coca-Cola etc is not a true one. The data on HDDs is a binary issue (will the HDD you are selling have data or not). With sugary drinks it is a matter of degree (we and doctors can argue all night and day as to how much sugar becomes significantly harmfull).
Disk Utility > Erase > Security option > Most secure (DOD 5220-22M compliant)
The best secure deletion method appears to be a claw hammer, some goggles, and a few spare minutes.
But if you do that with your HDD, you might damage the shiny coffee mug coasters inside.
Who ordered that?
The problem is that the editors know nothing.
But I'm puzzled that ANYONE would sell a used hard drive. Your data could be there, and the drive could fail shortly after transfer, leaving the purchaser or giftee pretty well stuck.
I'm rather puzzled that anyone would BUY a used hard drive, apart from data-slurping purposes.
Even if it's still under warranty (can be checked from serial number), there's no telling how much use/abuse the drive actually had.
Use shred -n 7 /dev/sda - dd is hardly sufficient, especially if my finances are involved.
NAME shred - overwrite a file to hide its contents, and optionally delete it
/dev/hda, and those files usually should not be removed. The optional
/etc/fstab file, as documented in the mount man page (man mount).
SYNOPSIS shred [OPTION]... FILE...
DESCRIPTION
Overwrite the specified FILE(s) repeatedly, in order to make it harder
for even very expensive hardware probing to recover the data.
Mandatory arguments to long options are mandatory for short options
too.
-f, --force change permissions to allow writing if necessary
-n, --iterations=N overwrite N times instead of the default (3)
--random-source=FILE get random bytes from FILE
-s, --size=N
shred this many bytes (suffixes like K, M, G accepted)
-u, --remove[=HOW]
truncate and remove file after overwriting; See below
-v, --verbose
show progress
-x, --exact
do not round file sizes up to the next full block;
this is the default for non-regular files
-z, --zero
add a final overwrite with zeros to hide shredding
--help display this help and exit
--version
output version information and exit
If FILE is -, shred standard output.
Delete FILE(s) if --remove (-u) is specified. The default is not to
remove the files because it is common to operate on device files like
HOW parameter indicates how to remove a directory entry: 'unlink' =>
use a standard unlink call. 'wipe' => also first obfuscate bytes in
the name. 'wipesync' => also sync each obfuscated byte to disk. The
default mode is 'wipesync', but note it can be expensive.
CAUTION: Note that shred relies on a very important assumption: that
the file system overwrites data in place. This is the traditional way
to do things, but many modern file system designs do not satisfy this
assumption. The following are examples of file systems on which shred
is not effective, or is not guaranteed to be effective in all file sys
tem modes:
* log-structured or journaled file systems, such as those supplied with
AIX and Solaris (and JFS, ReiserFS, XFS, Ext3, etc.)
* file systems that write redundant data and carry on even if some
writes fail, such as RAID-based file systems
* file systems that make snapshots, such as Network Appliance's NFS
server
* file systems that cache in temporary locations, such as NFS version 3
clients
* compressed file systems
In the case of ext3 file systems, the above disclaimer applies (and
shred is thus of limited effectiveness) only in data=journal mode,
which journals file data in addition to just metadata. In both the
data=ordered (default) and data=writeback modes, shred works as usual.
Ext3 journaling modes can be changed by adding the data=something
option to the mount options for a particular file system in the
In addition, file system backups and remote mirrors may contain copies
of the file that cannot be removed, and that will allow a shredded file
to be recovered later.
GNU coreutils online help:
Report shred translation bugs to
Packaged by Cygwin (8.23-4) Copyright © 2014 Free Software Foundation,
Inc. License GPLv3+: GNU GPL version 3 or later
. This is free software: you are
free to change and redistribute it. There is NO WARRANTY, to the
extent permitted by law.
AUTHOR Written by Colin Plumb.
I was thinking to myself as to how I would skew such a result.
Buy from private parties.
Ask if they have issued a secure erase
Look for as is/no guarantee/untested
It would be simplest to target private non technical sellers who math have take no steps to cleanse data. Buying systems with a "fresh install" might yield data recovery as well. At the core the goal is avoid vendors who might have an automated wipe and consistently exploit weak targets. Even more nefarious would just involve using probing questions.
1) Remove the disk, open it up and extract the platter and smash into tiny bits. If it's a metal disc then get some heavy grit sand paper and sand away.
If you're squeamish about physical destruction, you can always use Darik's Boot and Nuke (DBAN).
You mean you have been a Slashdot anonymous troll. Users sign up for accounts.
APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
Relevant reading here. Short version: a single overwrite with random data is fine, but multiple passes are overkill, mostly due to improvements in density and recording density. The only time you would need more is if the drive is old. However, the big failure of most wiping methods is that they miss remapped sectors, so an ATA Secure Erase is necessary if your drive is showing any remapped sectors.
Heh. Still got a 5MB full height drive in the attic. Not parting with any of mah data!
I drank what? -- Socrates
I thought you needed a dolphin?
I drank what? -- Socrates
...Drill press. Any size carbide bit (I like 1/4 inch myself...) One pull through the drive platters. Second pull if I feel like being exceptionally destructive. Send off to recycling.
Works for me.