Unusual Question

Doug Hardie bc979 at lafn.org
Fri Jul 14 19:56:17 UTC 2017


> On 14 July 2017, at 02:59, Raimo Niskanen <raimo+freebsd at erix.ericsson.se> wrote:
> 
> This thread reminds me of the argument that you should always encrypt your
> hard disk.  For a remote site you could have the key on a key partition for
> some crypto systems.
> 
> Then all you have to do is destroy the key, which is much easier.
> 
> (For an SSD drive to protect against harcore forensics I do not know how to
> ensure that the data is gone, though)
> 
> 
> On Thu, Jul 13, 2017 at 09:44:30PM -0700, David Christensen wrote:
>> On 07/09/17 02:57, Doug Hardie wrote:
>>> I have a FreeBSD 9.3 remote server that needs to be purged.  I know that rm -rf / will remove all the directory entries, but I need to write over the drive.  I thought that dd if=/dev/zero of=/dev/ada0 might do the trick, but it gives an not permitted error.  The whole thing can crash and burn at the end.  This is an unmanned site so moving drives is not viable.
>> 
>> If the machine has BIOS and the system drive isn't too large, write an 
>> assembly program that fits into the MBR bootstrap code area to wipe the 
>> rest of the drive, assemble the program, write it into the MBR, and reboot.
>> 
>> 
>> Bonus: the program deletes the MBR when done wiping the rest of the drive.

Encryption does not prevent object reuse.  It may delay it a bit depending on the strength of the key generation/algorithm used.  However, the data can be recovered.  Given enough horse power, or good information into the key generation process, the data can be made available.  In most cases, it's actually pretty easy.  Overwriting is the only method that makes the information non-recoverable (and still leaves the media useful).

Years ago in the USAF, we used to use a power sander to remove all the oxide from the disk.  It left a bright, shiny aluminum disk that had no information on it.  The bits were still there on the oxide particles, but the sander blew them all over the place and its highly unlikely that anyone could have gathered them all up, let alone put them back into the proper order.  One of those disks was made into a going away memento and is displayed here.  The other option was a thermite grenade which was tested and verified was extremely effective.  Even the platter vanished.



More information about the freebsd-questions mailing list