Subject: Re: "Secure" harddisk eraser?
To: Denis Lagno <dlagno@mail.ru>
From: Florian Stoehr <netbsd@wolfnode.de>
List: netbsd-users
Date: 02/06/2005 15:44:23

On Sun, 6 Feb 2005, Denis Lagno wrote:
>> The goal of this program is not to stop any freak with special
>> controller or oscilloscope - 3 times with random data might be
>> enough here - but to raise time needed to restore data or
>> make it too expensive for government authorities (at least
>> if you're not involved in serious crime).
>
> IMHO if one needs more than 3 times with random data, then
> he just should use something like cgd and do not allow
> unencrypted data to touch magnetic media at all.
>
Yes, I do this while moving disks to cgd.
And I use the random-key cgd overwriting before my WritePassRandom()
is finished:
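
#!/bin/sh
# Overwrite a disk with the ciphertext of zeros, using a fresh random key per pass.
cgd=cgd0          # cgd pseudo-device to configure
dev=/dev/sd0d     # underlying disk that gets overwritten
rawsl=d           # raw partition letter of the cgd device
i=0
while [ "$i" -lt 4 ]; do
    echo "Run $i ..."
    i=$(($i+1))
    # configure the cgd with a throwaway key read from /dev/urandom
    cgdconfig -s "$cgd" "$dev" aes-cbc 128 < /dev/urandom
    # zeros written through the cgd reach the disk encrypted
    dd if=/dev/zero of=/dev/r"$cgd""$rawsl" bs=64k
    # unconfigure; the key is discarded
    cgdconfig -u "$cgd"
    sleep 120
done
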
-Florian
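
Added example, not part of the original message: a spot-check to run against the underlying disk ($dev above) after `cgdconfig -u`, confirming that a pass left no plain zeros and no repeated blocks on the medium. The function names block_hex and check_wipe and the block size and count are assumptions made for this sketch, as is the premise that a successful pass leaves every sampled block different.

```shell
#!/bin/sh
# Added example: spot-check an overwrite target (hypothetical helper names).
# $1 may be the underlying disk or, for a dry run, a regular file.

# block_hex FILE BS INDEX: print block INDEX as one hex string (empty past EOF)
block_hex() {
    dd if="$1" bs="$2" skip="$3" count=1 2>/dev/null | od -An -v -tx1 | tr -d ' \n'
}

# check_wipe FILE BS NBLOCKS: print "zero=Z dup=D short=S",
# succeed only when all three counters are 0
check_wipe() {
    file=$1 bs=$2 nblocks=$3
    zero=0 short=0 i=0 seen=""
    while [ "$i" -lt "$nblocks" ]; do
        hex=$(block_hex "$file" "$bs" "$i")
        i=$((i + 1))
        case $hex in
            '')     short=$((short + 1)); continue ;;  # nothing readable here
            *[!0]*) ;;                                 # has a non-zero byte
            *)      zero=$((zero + 1)) ;;              # plain zeros on the medium
        esac
        seen="$seen$hex
"
    done
    # identical blocks point to a fixed fill pattern rather than ciphertext
    dup=$(printf '%s' "$seen" | sort | uniq -d | wc -l | tr -d ' ')
    echo "zero=$zero dup=$dup short=$short"
    [ "$zero" -eq 0 ] && [ "$dup" -eq 0 ] && [ "$short" -eq 0 ]
}
```

For example, `check_wipe /dev/rsd0d 512 64` samples the first 64 sectors; a non-zero exit status means the pass should be repeated or investigated.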