Subject: Re: securely erasing a hard disk
To: Thor Lancelot Simon <>
From: Daniel Carosone <>
List: tech-security
Date: 10/21/2005 13:46:00
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

> |    unlike earlier revisions of NISPOM, the 2003 matrix imposes requirements
> |    which make it clear that the standard does not and can not apply to the
> |    erasure of individual files, in particular requirements relating to spare
> |    sector management for an entire magnetic disk.  Because these
> |    requirements are not met, the -P option does not conform to the standard.

Further discussion of these kinds of issues can also be found in The
NetBSD Guide, in the chapter on the cgd(4) driver used for disk
encryption.  In particular:

 discusses the issue of spare sector management potentially leaving
 copies of data un-erased, and a way to manage this risk, and

 provides an example that can be used to wipe the data.

Personally, I prefer to scrub all new disks several times using this
mechanism (rekeying randomly each iteration).  Not because I'm
concerned about preservation of the first image written, but because
this is a good way to exercise the disk surface with 'random'
patterns, and give the sparing mechanisms a chance to detect or remap
marginal or bad sectors *before* I entrust them with real data.


Content-Type: application/pgp-signature
Content-Disposition: inline

Version: GnuPG v1.4.2 (NetBSD)