Destructive Windows Script

Grant Edwards grante at visi.com
Mon Jun 6 17:17:44 EDT 2005


On 2005-06-06, rbt <rbt at athop1.ath.vt.edu> wrote:

>> Just open the raw disk device (assuming your Unix has such),
>> and start writing data to it. Keep going until the write fails
>> at the end of the media.
>
> Wouldn't /dev/urandom or /dev/random on Linux systems work
> better?

Maybe.  Last time I found an article on the subject (should
have kept a copy), it suggested certain patterns for the
initial passes, and then random data for the last passes.  

The data is converted into one of several RLL encodings (which
encoding depends on the drive). The optimal erase patterns
depended on the encoding used, so you have to use several
different patterns to cover all the bases.

Googling for "secure disk erase pattern rll encoding"...

Here's a good but somewhat old paper:

  http://www.cypherus.com/resources/docs/shred.htm

and here's a newer one that deals more with secure deletion of
individual files:

  http://www.usenix.org/events/sec01/full_papers/bauer/bauer_html/

and finally the US Navy's take on the issue:

  http://www.fas.org/irp/doddir/navy/5239_26.htm
  
> It's the kernel's built in random number generator. It'd fill
> the drive with random bits of data.

The "really random" device will block when it runs out of
entropy.  It will probably take the kernel a _long_ time to
generate a disk's worth of random data.  The pseudo-random
device won't block, but the results aren't quite as secure.

> You could loop it too... in fact, I think many of the
> pre-packaged *wipe* programs are mini Linux distros that do
> just this.
>
> dd if=/dev/random of=/dev/your_hard_drive


-- 
Grant Edwards                   grante             Yow!  I always liked FLAG
                                  at               DAY!!
                               visi.com            
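
As an added example (not code from the original post or from anyone in the thread): a Python sketch of the pass order described above, fixed patterns first and random data last, run against a scratch file or disk image. The pattern bytes, the function names and the read-back check are assumptions, and `os.urandom` stands in for the non-blocking pseudo-random device.

```python
import os

CHUNK = 1 << 16  # bytes per write call
# Illustrative pattern bytes (assumption; the post names no specific patterns).
FIXED_PATTERNS = [b"\x55", b"\xaa", b"\x92\x49\x24"]

def pattern_bytes(pattern, offset, n):
    """n bytes of the repeating pattern, phase-aligned to an absolute offset."""
    start = offset % len(pattern)
    return (pattern * (n // len(pattern) + 2))[start:start + n]

def overwrite_pass(fd, size, pattern=None):
    """One full pass over the target; pattern=None writes os.urandom data."""
    os.lseek(fd, 0, os.SEEK_SET)
    done = 0
    while done < size:
        n = min(CHUNK, size - done)
        buf = os.urandom(n) if pattern is None else pattern_bytes(pattern, done, n)
        while buf:                      # os.write may write only part of buf
            buf = buf[os.write(fd, buf):]
        done += n
    os.fsync(fd)                        # push this pass out of the page cache
    return done

def matches_pattern(fd, size, pattern):
    """Read the target back and confirm every byte matches the pattern."""
    os.lseek(fd, 0, os.SEEK_SET)
    done = 0
    while done < size:
        data = os.read(fd, min(CHUNK, size - done))
        if not data or data != pattern_bytes(pattern, done, len(data)):
            return False
        done += len(data)
    return True

def sanitize(path, random_passes=2):
    """Fixed-pattern passes (each read back), then random passes. Returns a log."""
    fd, log = os.open(path, os.O_RDWR | getattr(os, "O_BINARY", 0)), []
    try:
        size = os.lseek(fd, 0, os.SEEK_END)
        for p in FIXED_PATTERNS:
            overwrite_pass(fd, size, p)
            log.append((p.hex(), matches_pattern(fd, size, p)))
        for _ in range(random_passes):
            overwrite_pass(fd, size, None)
            log.append(("random", None))
    finally:
        os.close(fd)
    return log
```

The read-back only proves what the operating system returns for each offset; it says nothing about sectors the drive has remapped, or about copies a journaling filesystem may hold when the target is a regular file.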


