Any way to wipe this drive?

  • Thread starter Thread starter Guest
  • Start date Start date
Regardless, you do bring up a good point I had not
considered, that if they made a huge blunder and somehow
managed to divert some returned drive to replacement status
without having checked it thoroughly and wiped it, then if
the drive had intact filesystem instead of wiped as far as
OP has, it would expose the original owner's files.

To me it appeared they had tested the drive, decided it was
OK [the fault appeared when the drive had been run for 8 hours or so..] and
sent it out. They clearly had no SOP of wiping such at
the factory level. [i.e. rewriting all the bits, not just
those the OS can see...]
Did you notify Samsung of this? I hope so, that they might
put more attention into preventing it.

As if I could find someone who would know and care?
 
In comp.sys.ibm.pc.hardware.storage kony said:
On 15 Jun 2008 23:09:20 GMT, Arno Wagner <[email protected]>
wrote:
But you snipped out a relevant portion of what I wrote then
replied as if I hadn't written it.

Not true. I did not consider it relevant and I have explained
why. And what I consider relevant is my decision. Anybody
else can make their own decision of course and disagree with
me. But what I cite or do not cite in my posting is not
your decision at all.

Arno
 
kony said:
They clearly had no SOP of wiping such at the factory level. [i.e.
rewriting all the bits, not just those the OS can see...]
This is not a proof they had no SOP of wiping drives
properly, only that one specimen wasn't. I've had plenty of
drives over the years and never had any data remaining on
them when received.

Which says nothing.
Plus, if it was just rewriting what the OS can see, how would it guard
against alternative OS with different filesystem support?

The platter stores bits. Some large percentage of those are available
through its controller, and can be used to build file systems of all
kinds.

But others are ones solely for the use of the drive itself. One example
is spare sectors held in reserve.

But others are even LESS user-accessable; those that in effect, paint
lines on the bare platter for the higher order systems to use. There are
going to be written originally at the factory, likely before the drives
electronics are installed/activated.
How would you have an intact filesystem if they prevented OS from
seeing, which would mean wiping out filesystem?

If Samsung had subjected the drive to through testing/rewriting the
platter bits; it would not have kept an intact user filesystem.
Come to think of it, was this even dealing directly with Samsung or
through a 3rd party? It would be an extremely rare thing if through the
HDD manufacturer directly, these things also tend to create at least
urban myths if not front page news on many tech sites.

It was their warrantee center. Contract or not, it was their agents,
using their policies..
It has a much higher chance of success through trying than
not trying?

Let me know when you find the person I should talk with....
 
In comp.sys.ibm.pc.hardware.storage kony said:
On 15 Jun 2008 23:05:24 GMT, Arno Wagner <[email protected]>
wrote:
I was already aware of this, but it is not a hard drive
manufacturer handling RMAs, and not of someone who has a
malfuncitonal drive they've already wiped out the filesystem
and much data thereon. Show an example of that happening...

The argument here would be that if the HDD manufacturers
do this, then they would keep it secret. That means the
absence of evidence is not conclusive either way.

However, the next closest thing are PC repair shops, and
for them there is evidence. If you do not have proof either
way, you can always try to find an analog situation and
get some indications from there. If you do not understand
that mode of argumentation, not my problem.
Plus, as I'd written if there was something illegal then
destroy the drive.

And I re-iterate, the illegality is not an issue. An issue
is whether it is something you care about being found or not.
Illegality is a rather weak criterion for that.

Arno
 
If Samsung had subjected the drive to through testing/rewriting the
platter bits; it would not have kept an intact user filesystem.

You cannot know that. Even an intense R/W test can reconstruct the
original data afterwards.
It was their warrantee center. Contract or not, it was their agents,
using their policies..

And possibly implementing them the cheapest way possible. Also,
the policies for HDDs in laptops may or may not be similar to
those for RMAed drives. Your samle shows, however, that at
least part of Samsung is not concerned about habding one
customer's data to a different customer.
Let me know when you find the person I should talk with....

I don't think complaining will do anything. Take the object lesson
(wipe your drives before RMA or if you cannot, do not RMA them)
and be done. As to the joker that is only concerned about illegal
stuff, what about passwords, credit-card numbers, personal email and
photographs, etc...?

Arno
 
kony said:
Just send the drive in as-is.  They could not allow anyone
to steal data off of drives as it would ruin their business,

I got a replacement laptop drive from Samsung. It had a complete NTFS
filesystem from someone in Brazil. [He liked Christina Aguilera...]

It failed within days; it would work only when cold. I got a third one
and it was empty...

My drive is a Samsung, so I better make sure it's wiped!

One of the reasons I'd like to RMA it is because I have a RAID-1
setup, and I have heard that different HD brands may be slightly
different in size even if they claim to be the same size. So if I
put in a different HD, the RAID controller might reject it if it finds
out it is slightly smaller than the other drive in the array.
 
In comp.sys.ibm.pc.hardware.storage kony said:
On 16 Jun 2008 17:57:26 GMT, Arno Wagner <[email protected]>
wrote:
Oh? If someone secretly takes data but it never effects the
person whose data was taken would it really matter? I would
have to think this is far fetched, that the person who has a
problem as a results would at least take them to court, it
would be public record and greatly publicized.
Regardless, the idea that we can assume something to be a
risk does depend on it happening, evidence. We could
arbitrarily say there's a real chance of being hit by an
asteroid right where we're sitting right now, but without
evidence of people being hit on a regular basis, the idea
that it's been kept secret is a bit out there.
I understand the argument, but understanding it doesn't
validate it.
On the contrary, if you have nothing illegal, and no effect
ever comes of it because it's that "secret" you imply, we
might as well say it's irrelevant.
There are much much worse things to worry about if one wants
to be unreasonable. There is a greater chance someone has a
virus on their system and all their data was already
exposed. Based on real world evidence, there are real
examples of people's homes being broken into and their
computer stolen thus exposing the data yet everyone doesn't
encrypt all their data. There's a greater chance of someone
just intercepting your mail but everyone doesn't have a PO
box instead of local curbside or community mail. There' s a
greater chance (unless this "secret" is a really, really
well kept one) you'd be kidnapped and forced to give up the
information anyway. There's a chance every time your home
doorbell rings that it is a home invader about to enter.
All these things actually happen, have evidence to support
them, and yet they aren't reasonable to dwell on. There's a
reasonable limit to wild speculation. The world is not 100%
safe no matter what you do, but without any evidence of a
potential problem occurring it would be unreasonable to
assume one.

I think we can conclude this. I have made my view clear,
you have and they are different and based on different
assumptions. I do not see us reaching commong ground here.

Arno
 
In comp.sys.ibm.pc.hardware.storage kony said:
On 16 Jun 2008 13:38:45 GMT, Arno Wagner <[email protected]>
wrote:
... and yet you then attempted to argue against it.
Get over it, you choose what you wrote and so did I, having
at least as much right to state what I did as you did to
snip it.

Well, legally I did not snip, but included part of your message.
There is of course no requirement at all for this, but it is
convenient to include short quotations to illustrate what
I was responding to. In common usenet usage, and because
messages are short, a "short quotation" can be the full message.
The only legal and morel requirement is to make sure the
quoted parts are attributed correctly. This is done here
with a head comment and a matching indention level.

Arno
 
In comp.sys.ibm.pc.hardware.storage [email protected] said:
kony said:
Just send the drive in as-is.  They could not allow anyone
to steal data off of drives as it would ruin their business,

I got a replacement laptop drive from Samsung. It had a complete NTFS
filesystem from someone in Brazil. [He liked Christina Aguilera...]

It failed within days; it would work only when cold. I got a third one
and it was empty...
My drive is a Samsung, so I better make sure it's wiped!
One of the reasons I'd like to RMA it is because I have a RAID-1
setup, and I have heard that different HD brands may be slightly
different in size even if they claim to be the same size.

Ahh, no. But a size claim like "120GB" is not really a size
claim, but an approximation. If you look a bit closer, you will
find your disk size is something like "LBA 312,581,808" (as
Samsung likes to state it) or 312581808sectors of 512 Bytes
each. If you get a replacement that has the same number of
sectors or more, it will work in your RAID1. To identify such
a drive, you can either use something fairly larger (a 160GB
dribe in your case) or look up the exact size of the potential
replacement on the manufacturers website. It is typically
advertised there, because of this RAID issue, and also because
People frequently do not understand what a GB is (namely
1,000,000,000 Bytes).
So if I
put in a different HD, the RAID controller might reject it if it finds
out it is slightly smaller than the other drive in the array.

Indeed. See above on how to get around this.

Arno
 
In comp.sys.ibm.pc.hardware.storage kony said:
On 16 Jun 2008 22:34:52 GMT, Arno Wagner <[email protected]>
wrote:
In comp.sys.ibm.pc.hardware.storage [email protected] said:
Just send the drive in as-is.  They could not allow anyone
to steal data off of drives as it would ruin their business,

I got a replacement laptop drive from Samsung. It had a complete NTFS
filesystem from someone in Brazil. [He liked Christina Aguilera...]

It failed within days; it would work only when cold. I got a third one
and it was empty...
My drive is a Samsung, so I better make sure it's wiped!
One of the reasons I'd like to RMA it is because I have a RAID-1
setup, and I have heard that different HD brands may be slightly
different in size even if they claim to be the same size.

Ahh, no. But a size claim like "120GB" is not really a size
claim, but an approximation. If you look a bit closer, you will
find your disk size is something like "LBA 312,581,808" (as
Samsung likes to state it) or 312581808sectors of 512 Bytes
each. If you get a replacement that has the same number of
sectors or more, it will work in your RAID1. To identify such
a drive, you can either use something fairly larger (a 160GB
dribe in your case) or look up the exact size of the potential
replacement on the manufacturers website. It is typically
advertised there, because of this RAID issue, and also because
People frequently do not understand what a GB is (namely
1,000,000,000 Bytes).
So if I
put in a different HD, the RAID controller might reject it if it finds
out it is slightly smaller than the other drive in the array.

Indeed. See above on how to get around this.

Arno
I think you are missing his point, that he is receiving an
RMA replacement drive and has hopes that what he receives,
which he has no control over, will be as large or larger in
actual down-to-the-byte capacity as the remaining member of
the array.

Yes. But it is not needed to RMA for that reason, you can go
to a different model/brand, if you look at the exact size.

As for my personal RMA experience, I have allways
reeived a drive the exact same size or larger so far.
But that was in only about 6 instances and only Maxtor
and Seagate and one (by now historic) Deathstar.

Arno
 
In message <[email protected]> kony
I think you are missing his point, that he is receiving an
RMA replacement drive and has hopes that what he receives,
which he has no control over, will be as large or larger in
actual down-to-the-byte capacity as the remaining member of
the array.

If it isn't, you contact the company and have them ship a suitable
replacement.

Heard of "fit-for-purpose"?
 
Under Linux do:
  cat <device> | hex

THis will list all non-zero areas and compress the lsiting for
zero areas into one line ach.

The Knoppix CD does not appear to have the "hex" command.
 
The Knoppix CD does not appear to have the "hex" command.

Hmm. You are right, it seems hex is not in knoppix.
''hexdump'' has similar functionality and will also
aggregate lines that are the same.

Arno
 
kony said:
It's worth a try but unless the drive was advertised for
particular raid array purposes, there is no lack of fitness
issue.

Wrong. Thats not what fit for purpose means.
 
In comp.sys.ibm.pc.hardware.storage kony said:
On Tue, 17 Jun 2008 09:20:46 -0600, DevilsPGD
It's worth a try but unless the drive was advertised for
particular raid array purposes, there is no lack of fitness
issue.

There is. A disk-image would also not fit.

Arno
 
In comp.sys.ibm.pc.hardware.storage kony said:
On 18 Jun 2008 11:27:54 GMT, Arno Wagner <[email protected]>
wrote:
Not from the manufacturer's standpoint. Whether the user
and use makes it fit for some exact size is not what the
manufacturer advertised.

The manufacturer happens to also advertise an exact size
in the disk datasheet. They can get away with sending a larger
replacement, but never a smaller one.

Arno
 
kony said:
Not from the manufacturer's standpoint. Whether the user
and use makes it fit for some exact size is not what the
manufacturer advertised.

Thats not what fit for purpose means.
 
If each sector contained nothing but zeros, then you'd have a slightly
easier time to verify the disk. For example, if the data was streamed
into a checksumming tool, then the end result should be a grand total
of zero. If some other programmatically created data pattern is used,
then you'd have to write a tool to verify that the pattern is reproduced.

If I was doing this verification project myself, and I couldn't find
a tool to automatically verify what was written, I might head to
Linux land. Writing programs to work on storage devices isn't that
hard - it really depends on how rusty you are, as to how long it would
take. And the program wouldn't necessarily have to be that long either.
As a friend at work would quip - "yup, that needs a three line program".

To give you a hint, at least in Windows land, there is a port of "dd".
Apparently "dd" can be instructed to copy to "standard out", so if
you piped the output into another Windows tool, like a checksum program,
you might just be able to compute a checksum over the entire data
stream. If the data on the sectors was supposed to be zero, then the
results should be zero.

http://www.chrysocome.net/dd

On my Windows disk, I have a small collection of GNU tools, such as
"coreutils", and in there, I have a copy of "sum.exe". Perhaps "dd"
could be piped into a copy of "sum" from coreutils.

Since "dd" is part of Linux as well, you could also use the same concept
with a Linux LiveCD. (Knoppix and Ubuntu can be booted from their
respective CDs, and you can keep a few small files on a removable
storage device, while working with them. The LiveCDs don't have to
be installed to a hard drive, to do useful work.)

My suspicion is, that DBAN doesn't leave zeros on the disk for all of
its erasing options. At least some of them will have used the
Mersenne Twister, to make random data. (I tried to find a nice manual
for DBAN, but all I found was text files of one sort and another.)
Your first task, might be to find a sector editor and look at just
a couple sectors, to see what kind of a mess you're dealing with.
(I.e. Whether sectors are zeroed, or contain random data.)

"dd" can also be used to write zeros to a drive. In fact, that is
what I've used it for recently, as a means of erasing the "front part"
of a disk drive. Using "/dev/zero" as a source of data, you can
instruct dd to transfer "/dev/zero" to the hard drive, which will
overwrite the drive with zeros. If you then streamed the data to
standard output and piped it to a checksum or to a "word count" program
such as "wc", then you can compute the checksum of all the data,
and also verify the byte count available from the drive. So
there are "toy" programs, and bits and pieces of solutions around.

To use "dd" in Linux to write zeros, this is what you do.

1) Boot Knoppix CD into Linux desktop.
2) Open a terminal window. Type

    sudo dd if=/dev/zero of=/dev/sda bs=512 count=10000

That fills the first 10000 sectors with zeros. The command
syntax assumes /dev/sda is the disk to be hammered. Any time
I'm doing this kind of "surgery", only the disk to be hammered
is connected to the computer. Then, I can't possible make
a mistake with my selection of "/dev/sda" and hammer the
wrong drive. (That is one thing that worries me about using
the "dd" port in Windows - my boot drive would be a sitting
duck if I made a mistake typing in the command. Not so with
a Linux LiveCD, as the CD can't be erased.)

After your erasure pass is complete, then you could use dd
again, to read /dev/sda and pipe the output into checksum
or wc, to compute a checksum and to verify the total number
of bytes read, respectively. (A Linux/Unix guru can easily
improve on the above suggestions. I don't use this stuff
enough any more, to be good at it.)

Thanks for that info. DBAN appears to handle my drive better than
Copywipe did. At the end of the wipe, DBAN mentions that there were
non-fatal errors most likely due to bad sectors. So I had DBAN do a
pass of all zeros, and then I booted off the Knoppix CD. I did a "man
-k checksum", and the only commands relating to checksums are "sum"
and "cksum". So I tried "cksum /dev/hdc" and at some point it
returned "Input/output error". So maybe I won't be able to verify
that the disk contains all zeros. There is also a hexedit command,
and I opened /dev/hdc and it showed all zeros for several pages.
 
Back
Top