Wednesday, February 23, 2011

Secure Erase

This summarize the article from Craig Wright. He is a Director with Information Defense in Australia.

In the article, Erasing drives should be quick and easy, he shows us a way to perform secure erase. Also he stated a few FUD on data recovering like:

  • X-Ray machines and scanners will erase a drive;
  • SEM or AFM (electron microscopy will do) could be used to recover data;
  • Government or NSA can read your wiped drives;
The simplest manner to wipe hard disk is using the the firmware Secure Erase command on an ATA, SATA, PATA, etc drives. A full erase using SE takes 30 min to 1 hour to complete. Basically it is quick. It is non-recoverable. It saves all the BS. It removes the need for the FUD that still surrounds us.

Here's the steps to wipe a drive using hdparm utility:

  1. Login as root.
  2. Ensure the drive isn't security frozen (result shows "not frozen"): hdparm -I /dev/sda
  3. Issue command by set user password, Security =Maximum (Master Password = Blank): hdparm --user-master u --security-set-pass Eins /dev/sda
  4. Issue command to confirm the process with the the word "enabled" in the output: hdparm -I /dev/sda
  5. Issue the AT SE command: hdparm --user-master u --security-erase Eins /dev/sda
  6. Issue command to ensure output verification return "not enabled": hdparm -I /dev/sda

References:
  • http://sourceforge.net/projects/hdparm/
  • http://cmrr.ucsd.edu/people/Hughes/SecureErase.shtml
  • https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase