Data Destruction HOWTO

From Free Geek Seattle
Revision as of 01:57, 29 March 2015 by Koanhead (talk | contribs) (→‎Using shred)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Get a device[edit]

At receiving[edit]

Data destruction, when done right, takes a long time. The donor is not likely to want to hang around and wait until it's done. Therefore, we need to store the devices securely while they wait for wiping. When we receive a donation, we need to get it to Evaluation ASAP. During Eval the drive(s) need to be pulled.

From storage[edit]

Secure storage for devices needs to have its own inventory, which needs to be checked against the contents every time the storage is opened. This can be as simple as a list on the inside of the door, but we need to have it.

Currently (as of 2013-05-05) drives to be wiped are stored in a blue toolbox marked "Drives to be wiped". This toolbox should be kept locked. Whomever leads the events at FCS should hold the key for the duration of the event. Hopefully someone trustworthy at FCS can keep the key between events, otherwise we need to invent a secure way to keep the key. There is no inventory list for the contents of the box as yet (when I left all the drives had been or were being wiped) but we'll have to stick one in the box next week.

Wipe device[edit]

Using DBAN[edit]

http://www.dban.org/

Using wipe[edit]

http://wipe.sourceforge.net/

Using shred[edit]

https://www.gnu.org/software/coreutils/manual/html_node/shred-invocation.html

Shred is part of coreutils, and therefore should be present on most GNU/Linux installs by default (not on android, nor part of BusyBox)

It looks to me as though shred is a bit faster than DBAN, but it's hard to tell with so few trials.

Here's the command as I've been using it: 

sudo shred -zvf /dev/sda

This does three randomizing passes on /dev/sda with a final pass of all zeroes. Before running shred, it's a good idea to do 

lsblk -d

to list available block devices. We want to shred anything called sd[a-z]. Don't shred sr0, that's an optical drive.

NOTE that it's probably possible to glob all block devices by typing 'shred /dev/sd*'. This is a BAD IDEA for several reasons, not the least of which is that you might overwrite your live media! So, don't do it, k?

One reason why globbing is a bad idea is that the shell will shred the devices one at a time, making an already time-consuming process even longer. If you really feel the need you can do 

 for device in $(lsblk -lnd | cut -f 1 -d ' '); do shred -zvf $device; done

but that's a lot of typing!

Disks that don't work[edit]

Some disks aren't recognized by the kernel or by BIOS, or won't work for some other reason. We can still remove their data like so:

Now that's what I call destruction.

That's a platter from inside the hard disk drive. It's been scratched, bent, broken in two, and had powerful magnets (next to it in the picture) rubbed across it. It should be pretty hard to read now.

Return device to inventory[edit]

  1. Label device as wiped
  2. Mark as such in inventory
  3. Place in appropriate location
Retrieved from "http://freegeekseattle.org/wiki/index.php?title=Data_Destruction_HOWTO&oldid=3062"