So you’ve got a hard drive, USB drive, etc and you don’t use it anymore and want to either give it to a friend, donate it to a school, etc, or just plain old ditch it.
Well, normally, you’d just either do a format, or hammer it into pieces. With both options, you run the risk of opening yourself up and letting whomever is interested in gaining your information off of the drive you either ‘formatted’ or ‘destroyed’. As a matter of fact, there was a case several years ago with the state of Pennsylvania.
They ‘donated’ computers to a school. Wonderful idea, great way to save on spending, right? Wrong. Yes, they did save money for the school system, but a reporter got a hold of one of the hard drives and ended up recovering an untold amount of data off of the ‘wiped’ drive.
The only sure fire way to destroy data on a drive is to melt it down. Just destroying the device into pieces won’t do unless you use a special shredder and end up turning it into dust. Even broken into pieces, a DVD/CD can be recovered (at least parts of it anyhow).
Software such as EnCase will allow you to recover data on an amazing amount of destroyed data and I have both seen and heard of cases where criminals had thought they had ‘destroyed’ the hard drive by smashing it with a hammer, but ended up only pissing the investigators off and working harder to find something.
Now, you could either spend thousands of dollars on a hard drive shredder (prices range from $999.99 to $19,999.99) or spend a few minutes downloading and burning a CD/DVD of a tool that I’ve used many times, Darik’s Boot and Nuke (D.B.A.N).
I have used this as I have said many times and for fun, I tried a test. I picked up a smallish hard drive (around 500 meg, it was about $5.00) and filled it with all sorts of documents and pictures. I then ran D.B.A.N on it and handed it over to my a friend who had access to a copy of EnCase. Now, EnCase is one of the premiere forensic tools out there. It has been known to pull data off of things that others could not.
My buddy worked on this drive for several days and was unable to pull anything but a few small snippets off of it and those weren’t really worth enough to do anything. In other words, if this was a criminal case, there’d be no electronic forensic evidence for them to use against me.
You can pick up a copy of D.B.A.N here: http://dban.sourceforge.net/
D.B.A.N is an open source project that is housed on SourceForge’s servers. It can be run from a floppy, CD, DVD, USB Flash drive and supports both IDE, SCSI and SATA hard drives. It’ll work on both the PC and the MAC platforms and can be set to even automatically wipe any hard drive that it sees. It’s protected under the GNU General Public License.
Below are several screen shots of the application in progress and overall, it’s fairly simple to use, BUT…BE WARNED. If you use it, you’re not going to get the data back, so make sure you’re aware of what you’re wiping. This could be both a great tool for saving your ass or for creating havoc within a target’s environment.
Several of the methods used to wipe the data are:
- DoD Short – It over writes the disk 3 times. Fairly long process
- DoD 5220.22-M – It over writes the disk 7 times. LONG process
- Gutmann Wipe – Writes a series of 35 patterns over the device including 8 random and 27 preset data streams.
- Pseudo-Random Number Generation (PRNG) – Also known as deterministic random bit generator. It’s an algorithm for generating numbers that approximates random numbers. It’s not true random, but it’s sufficient for the intended use.
Overall, I like it. It’s cheap (you can’t get any cheaper than free), it’s easy and it’s something that will do the job that it’s intended to.
So what are your thoughts on this? What are some of the tools that you’ve used in the past to erase your data?
As always, let me know if this article was helpful or just a bunch of geek rambling and thanks for taking the time.
Information Security Correspondent
Norm W. is an information security engineer currently employed as a CONUS civilian contractor. He has worked in the computer industry for the past 20 years and holds several security and non-security related IT certifications. Norm has worked with multiple agencies in the private and public sector as well as foreign companies and agencies to resolve information security issues.