gbde blackening feature - how can on disk keys be "destroyed" thoroughly?

Oliver Fromme olli at
Fri Jul 15 11:58:13 GMT 2005

David Kreil <kreil at> wrote:
 > [...]
 > So, even if one doesn't know how to disable device caching, if a typical disk 
 > cash is 8MB, I suppose one could flush it through by writing 20MB. so, if one 
 > has |key|20MB bla| on disk and one wrote |random|20MB bla| that should ge the 
 > "random" bits overwriting the key on disk (but for hardware level sector 
 > remapping but that is a rare event). One would have to bypass the operating 
 > system cache though but I guess you would know how to do that, right?
 > This should take less than 1s on a modern disk, i.e., less than half a minute 
 > for the entire procedure, x4 = 1-2 minutes, which should be fast enough for a 
 > final destruction.

That sounds like you want to overwrite the same location
on the disk more than a hundred times.  That's not even
paranoid, it's completely pointless.

I suggest you read this document, ESPECIALLY the section
"Epilogue" near the end:

It suggests that -- with any modern hard disk drive -- a
few passes (say three) of overwriting with random data are
completely sufficient.

Best regards

Oliver Fromme,  secnetix GmbH & Co KG, Marktplatz 29, 85567 Grafing
Any opinions expressed in this message may be personal to the author
and may not necessarily reflect the opinions of secnetix in any way.

"I invented Ctrl-Alt-Delete, but Bill Gates made it famous."
        -- David Bradley, original IBM PC design team

More information about the freebsd-fs mailing list