brent timothy saner on 3 Aug 2009 15:40:20 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Hard Drive warranty RMA

Hash: SHA1

Edmond Rodriguez wrote:
I have a very old drive that I figure I might be getting rid of at some
point, but I still use it with the very old machine.   I have been
deleting personal files off of it, but leaving system files and other
things on it.  Say many personal files were removed not using shred, or
it is a file system where shred is not as effective.

it's actually not a TERRIBLE idea, but the problem with that is even if
you overwrite that particular free space with random data, the system
files themselves could have been written over but the journal still
exists, which is a security concern.

beyond even THAT, a lot of the high-end professional data forensics
places can recover raw data from a hard drive even if the entire thing
has been zeroed out. it's terribly expensive since it involves nasty
things like magnetic measurement and the like if i recall correcty, but
they can usually do it with things up to i think two or three
deletes/write overs. that's why things like dban do a minimum of three
passes (whole disk writes) and shred's default is, i believe, 25 passes
(which is really overkill 99.9% of the time, so you can define a
different # of passes).

but if you're just worried about masking the data that might contain
billing information or the like, i'd go with just two or three passes
(unless you're in the NSA or somesuch and these are national secrets or
something)- but they should be whole-disk. it's a kind of all-or-nothing
sort of thing, quite unfortunately. using shred on a particular file is
more geared towards avoiding something like someone just running
testdisk and grabbing the file from the journaled changes- in other
words, it only targets the inode(s) the file occupies (well, occupied
once you run shred).

i hope that was a clear enough answer :)
Version: GnuPG v2.0.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla -

Philadelphia Linux Users Group         --
Announcements -
General Discussion  --