[Gllug] Disk Wipe

Grzegorz Jaskiewicz gj at pointblue.com.pl
Mon May 24 15:34:09 UTC 2004


On Monday 24 May 2004 14:52, john at sinodun.org.uk wrote:
> > On Monday 24 May 2004 12:11, Alain Williams wrote:
??? I though I wrote it, wtf.
> > Never do any secure-suppose-to-be operation based on zero filled files!
> > use random.
>
> The problem with using /dev/random is that it will take a ludicrously long
> time for any non-trivial hard disc.  You might manage to wipe a floppy
> that way, but that's about the limit.
>
> As Alain said, if being proof against the average guy in the street is
> enough, then use /dev/zero.
For average guy, yes. If it's SCSI, do low level format. 
if it is a real security matter, like some fed. agency is after you or 
something, better treat it with hammer really badly, and throw it away, or 
wipe at least 10x with /dev/urandom. There is no point using /dev/random, 
which suppose to be almost real random. In that case all it matters is not to 
use predictable set of data. /dev/urandom is predictable only when someone 
knows about all I/O on your computer.
Doesn't matter anyway, average criminal is a clueless guy using windows, that 
considers himself hacker when he is able to password his partition/directory 
with 2 mouse clicks. ;)

-- 
Grzegorz Jaskiewicz
K4 labs
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug




More information about the GLLUG mailing list