Unusual Question

Heikki Lindholm holindho at saunalahti.fi
Mon Jul 10 05:48:50 UTC 2017

On 10.07.2017 08:33, Doug Hardie wrote:
>> On 9 July 2017, at 22:22, Matthias Apitz <guru at unixarea.de> wrote:
>> El día domingo, julio 09, 2017 a las 05:34:06p. m. -0700, Doug Hardie escribió:
>>>>> but it gives an not permitted error.  The whole thing can crash and
>>>>> burn at the end.  This is an unmanned site so moving drives is not viable.
>>>>> _______________________________________________
>>> Thanks for the info.  I've never tried the rm approach, but the dd approach seems to work.  After a couple hours the machine became unresponsive and ssh sessions were terminated.  I think the drive is now empty.  I'd like to be able to get it back to verify, but that won't happen.  I still have 3 more systems to do this to.  The others will have to wait for awhile as I may still need them for a few more days.
>> I do not think that this approach worked in the sense of overwriting all
>> blocks of the disk. While walking through at some point the kernel will
>> miss sectors of the disk, for example of memory mapped files of shared
>> libs of other running processes or swapped out memory to disk. And the kernel
>> will just crash or halt and you will notice that as terminating ssh session.
>> Do not rely on the fact that the (sensitive) information on the disk was
>> overwritten. The only secure way is doing this from a system running on
>> some other disk and even this would allow to recover information with
>> forensic tools reading beside of the tracks. Only physical destruction
>> will help, for example burning the thing, as you said.
> The swap space was on this drive so it should be overwritten also.  Physical memory will go when the power goes off.  It would be nice to be able to get the drive back and see just how much was overwritten, but that is not possible. I don't see why dd would not run to completion. The first test I ran it reported that it had cleared over 300 GB on a 500 GB drive.  I may see if I can setup another system here and try that where I can monitor and test the result.

Virtualbox would seem like the obvious choice to see what happens. Just 
set up a system with the same attributes and software versions and the 
same runtime env (daemons).

More information about the freebsd-questions mailing list