Erasing data, what's adequate in the circumstances?

  • Thread starter Thread starter Richard
  • Start date Start date
R

Richard

I'm going to have to send my HD back to the manufacturer who is sending me a
new replacement.

I don't think there is any critical information on it, though I have bought
things with my credit card over the internet. But, I don't think my card
number is on my HD. Extent of sensitive information is probably just
personal emails and stuff.

What would be acceptable, a format or erasure? I do have Norton's WipeInfo
so could do a government wipe or just a fast wipe. Maybe just a fast wipe
eh? TIA. Rich.
 
Richard said:
I'm going to have to send my HD back to the manufacturer who is sending me a
new replacement.

I don't think there is any critical information on it, though I have bought
things with my credit card over the internet. But, I don't think my card
number is on my HD. Extent of sensitive information is probably just
personal emails and stuff.

What would be acceptable, a format or erasure? I do have Norton's WipeInfo
so could do a government wipe or just a fast wipe. Maybe just a fast wipe
eh? TIA. Rich.
Click to expand...

Fast wipe is good.
 
Previously Richard said:
I'm going to have to send my HD back to the manufacturer who is sending me a
new replacement.
Click to expand...
I don't think there is any critical information on it, though I have bought
things with my credit card over the internet. But, I don't think my card
number is on my HD. Extent of sensitive information is probably just
personal emails and stuff.
Click to expand...
What would be acceptable, a format or erasure? I do have Norton's WipeInfo
so could do a government wipe or just a fast wipe. Maybe just a fast wipe
eh? TIA. Rich.
Click to expand...

Fast wipe (overwrite once) is likely enough. Format might be
problematic. Nobody has a motivation to try to recover data from this
drive and you say that there is low-value information on it at best.

Appropriate security level is determined by attacker motivation, which
in turn is determined (loosely) by possible gain in a successful
attack and attack difficulty.

In your case not wiping the HDD results in a very cheap attack, making
is possibly (unlikely) worthwhile. Wiping it once results in a very
hard and expensive attack for an almost surely near to zero
return-on-investment...

Arno
 
Richard said:
I'm going to have to send my HD back to the manufacturer who is sending me a
new replacement.

I don't think there is any critical information on it, though I have bought
things with my credit card over the internet. But, I don't think my card
number is on my HD. Extent of sensitive information is probably just
personal emails and stuff.

What would be acceptable, a format or erasure? I do have Norton's WipeInfo
so could do a government wipe or just a fast wipe. Maybe just a fast wipe
eh? TIA. Rich.
Click to expand...

Format does not overwrite the data, just the pointers to the sectors
that contain the data. While the HD vendor is very unlikely to be
interested in the data, there is a chance that the HD vendor or some
sub-contractor/employee will keep, repair, and resell your old HD;
and that the new owner will poke around in your old data.

I recommend a wipe of some kind. I like Eraser, but the diagnostics
from the HD vendors usually include a zero-fill utility which, if run
on the entire HD instead of the first few (hundred) cylinders, should
be adequate protection against all but the well-funded gov't labs.
 
Format does not overwrite the data, just the pointers to the sectors
that contain the data. While the HD vendor is very unlikely to be
interested in the data, there is a chance that the HD vendor or some
sub-contractor/employee will keep, repair, and resell your old HD;
and that the new owner will poke around in your old data.

I recommend a wipe of some kind. I like Eraser, but the diagnostics
from the HD vendors usually include a zero-fill utility which, if run
on the entire HD instead of the first few (hundred) cylinders, should
be adequate protection against all but the well-funded gov't labs.
Click to expand...

Eraser is not very good IMO. For one thing there can be data between
partions which it doesn't wipe. Dban is really good as it does a DOD
wipe and destroys partitons at the same time. It is very slow though
and an 80gb HDD takes about four hours to be completely wiped, but
that's using seven passes.
 
Richard said:
What would be acceptable, a format or erasure? I do have Norton's WipeInfo
so could do a government wipe or just a fast wipe. Maybe just a fast wipe
eh? TIA. Rich.
Click to expand...

Tomsrtbt floppy, www.toms.net

Boot it and 'dd if=/dev/zero of=/dev/hdX bs=512'

where X=a for primary IDE master, b for primary IDE slave,
c for secondary IDE master, d for secondary IDE slave.

For a more secure wipe, try 'dd if=/dev/random of=/dev/hdX bs=512'
 
Back
Top