1 |
Em 12/07/2015 10:03, "Mick" <michaelkintzios@×××××.com> escreveu: |
2 |
> |
3 |
> On Sunday 12 Jul 2015 13:35:25 Marc Joliet wrote: |
4 |
> > Hi, |
5 |
> > |
6 |
> > I have to failed drives that I want to give away for recycling purposes, |
7 |
> > but want to be sure to properly clear them first. They used be part of |
8 |
a |
9 |
> > btrfs RAID10 array, but needed to be replaced (with "btrfs replace"). |
10 |
(In |
11 |
> > the meantime I converted the array to RAID1 with only two drives.) |
12 |
> > |
13 |
> > My question is how precisely the disks should be cleared. From various |
14 |
> > sources I know that overwriting them with random data a few times is |
15 |
> > enough to render old versions of data unreadable. I'm guessing 3 times |
16 |
> > ought to be enough, but maybe even that small amount is overly paranoid |
17 |
> > these days? |
18 |
> > |
19 |
> > As to the actual command, I would suspect something like "dd |
20 |
> > if=/dev/urandom of=/dev/sdx bs=4096" should suffice, and according to |
21 |
> > |
22 |
https://wiki.archlinux.org/index.php/Random_number_generation#.2Fdev.2Furan |
23 |
> > dom, /dev/urandom ought to be random enough for this task. Or are |
24 |
cat/cp |
25 |
> > that much faster? |
26 |
> > |
27 |
> > Any thoughts? |
28 |
> > |
29 |
> > Greetings |
30 |
> |
31 |
> I use urandom a couple of times (3 to 5), because random takes too long |
32 |
and I |
33 |
> don't store state secrets on my disks. Then I dd onto it a final round of |
34 |
> /dev/zero. Finally, run hdparm to securely erase it for good |
35 |
measure.[1] All |
36 |
> of this could be an overkill, but do it out of habit these days. |
37 |
> |
38 |
> It is worth saying that I use haveged to increase entropy: |
39 |
> |
40 |
> [I] sys-apps/haveged |
41 |
> Available versions: |
42 |
> 1.5 |
43 |
> ~ 1.7a |
44 |
> 1.7a-r1 |
45 |
> ~ 1.9.1 |
46 |
> Installed versions: 1.7a-r1(12:46:23 04/21/14) |
47 |
> Homepage: http://www.issihosts.com/haveged/ |
48 |
> Description: A simple entropy daemon using the HAVEGE |
49 |
algorithm |
50 |
> |
51 |
> I should clarify that disks which contained financial data are dealth |
52 |
with a |
53 |
> high speed angle grinder, after I remove the outer casing of the drive |
54 |
and don |
55 |
> a pair of goggles.[2] *Only then* do I recycle the bits left. ;-) |
56 |
> |
57 |
> |
58 |
> [1] https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase |
59 |
> |
60 |
> [2] You can also use a hammer, a drill, or any similar implement which |
61 |
will |
62 |
> completely break the physical disk platters to bits. |
63 |
> |
64 |
> -- |
65 |
> Regards, |
66 |
> Mick |
67 |
|
68 |
A physical damage is what I guess be the best choice for sensitive data. |
69 |
|
70 |
I use to disassemble the HDD and rub a strong magnet over the disks' |
71 |
surfaces. |
72 |
|
73 |
Just my 2c. |
74 |
|
75 |
Best regards, |
76 |
Francisco |