Subject: Re: "Secure" harddisk eraser?
To: Denis Lagno <>
From: Florian Stoehr <>
List: netbsd-users
Date: 02/06/2005 15:44:23
On Sun, 6 Feb 2005, Denis Lagno wrote:

>> The goal of this program is not to stop any freak with special
>> controller or oscilloscope - 3 times with random data might be
>> enough here - but to raise time needed to restore data or
>> make it too expensive for government authorities (at least
>> if you're not involved in serious crime).
> IMHO if one needs more than 3 times with random data, then
> he just should use something like cgd and do not allow
> unencrypted data to touch magnetic media at all.

Yes, I do this while moving disks to cgd.

And I use the random-key cgd overwriting before my WritePassRandom()
is finished:


while [ $i -lt 4 ]; do
         echo Run $i ...
         cgdconfig -s $cgd $dev aes-cbc 128 < /dev/urandom
         dd if=/dev/zero of=/dev/r"$cgd""$rawsl" bs=64k
         cgdconfig -u $cgd
         sleep 120