dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
14
share rss forum feed


angussf
Premium
join:2002-01-11
Tucson, AZ
kudos:4
reply to antdude

Re: dd

said by antdude:

»sourceforge.net/projects/dban/fo···/4739935

I got a Dban forum reply since others and I asked about this:

"This feature is not supported. You can use
sudo dd if=/dev/zero of=/dev/sdX
or
sudo dd if=/dev/urandom of=/dev/sdX,
where /dev/sdX is your memory card."

Is dd's method secured?

Not sure what you mean by "secured" in this context.

The first dd command fills the sdX with zeros, the second with random data. Since it completely fills the disk, wear-leveling shouldn't prevent it from working as the entire disk is written to. Fillings with zeros is faster and the reasoning behind filling spinning disks with random data* doesn't apply to SD cards or flash drives.

See
dd (Unix) - Wikipedia, the free encyclopedia
»en.wikipedia.org/wiki/Dd_(Unix)#Disk_wipe
and
Dd - Destroyer of Disks - Noah.org
»www.noah.org/wiki/Dd_-_Destroyer_of_Disks
* Wiping a Hard Drive with DD - MarkSanborn.net
»www.marksanborn.net/howto/wiping···-with-dd
Due to the way hard drives are made it is often possible to determine what was written beneath the most current write operation. If you write the entire drive with zeros, it will be quite easy to see what data was written before. It will be the one that is not a zero!
--
Angus S-F
GeoApps, Tucson, Arizona, USA
»geoapps.com/
»www.linkedin.com/in/angussf
»geoapps.blogspot.com/


StuartMW
Who Is John Galt?
Premium
join:2000-08-06
Galt's Gulch
kudos:3
said by angussf:

(BTW this quote is from Mr Sanborn's article and not angussf See Profile)

quote:
Due to the way hard drives are made it is often possible to determine what was written beneath the most current write operation. If you write the entire drive with zeros, it will be quite easy to see what data was written before. It will be the one that is not a zero!

First off I have no idea what he means by that. If you write a zero you read back a zero. How you read back the "data written before" is a mystery to me.

Also it is my understanding that the DoD standard requires writing zeroes three times not just once. Pretty sure that if that is done you won't be able to read the "data written before" .

But as noted this applies to HD's and not memory cards. Totally different technologies. Different techniques are needed.
--
Don't feed trolls--it only makes them grow!


angussf
Premium
join:2002-01-11
Tucson, AZ
kudos:4
said by StuartMW:

First off I have no idea what he means by that. If you write a zero you read back a zero. How you read back the "data written before" is a mystery to me.

Also it is my understanding that the DoD standard requires writing zeroes three times not just once. Pretty sure that if that is done you won't be able to read the "data written before" .

But as noted this applies to HD's and not memory cards. Totally different technologies. Different techniques are needed.

Hard disks often have some remaining trace of the former data, called Remanent (or Remnant) Magnetization. Writing zeros once can leaves traces of it since the HDD is a physical device and head-to-track alignment isn't perfect as the drive ages. Writing zeros 3 times would erase it more securely, and writing random data would make it much harder to figure out what the RM traces are.

Flash drives store data in a different way, and I don't think that there is any remaining trace of the data after overwriting with zeros. But if you're truly paranoid use the "urandom" version of 'dd' and do it three times.

More info here:
When you delete a file or folder, the area around the place where your data was stored still has some memory called Remanent Magnetization.

The remanent magnetization is the permanent magnetization that remains after the magnetization of the original track is changed to zero (data wiped).

Analyzing the Remanent Magnetization helps some data recovery software programs to recover the wiped data.
Clearing Remanent Magnetization - Secure Disk Wipe
»www.isprotector.com/remanent-mag···ion.html
--
Angus S-F
GeoApps, Tucson, Arizona, USA
»geoapps.com/
»www.linkedin.com/in/angussf
»geoapps.blogspot.com/


StuartMW
Who Is John Galt?
Premium
join:2000-08-06
Galt's Gulch
kudos:3
said by angussf:

Hard disks often have some remaining trace of the former data, called Remanent (or Remnant) Magnetization.

I'm aware of that. However reading that requires specialized and expensive equipment. Sure the FBI/CIA/etc can do that as can some data recovery companies. However an ordinary user, in possession of a stolen/discarded drive, is going to read back what was written to it.

The DoD method, of writing 0's 3 times, makes it impossible to read back the original information.

Flash drives store data in a different way, and I don't think that there is any remaining trace of the data after overwriting with zeros.

Flash memory uses charge not a magnetic field to store 1's and 0's. You can Google the physics if you're interested. The erased state of a flash cell is a '1' and they can only be programmed to '0'. To go from '0' to '1' a cell must be erased (vs programmed). Flash memory is also paged based (vs EEPROM) so to change one bit, in a page, from '0' to '1' you have to read the entire page into RAM, erase the page, and program the changed data in RAM back. As I said above I've written code, for many devices, to do all that. Now cards and USB sticks have a built-in controller to do that. However the method is the same.

Now in theory writing 1's (vs 0's for a HD) to a card/stick is just as good at erasing data. However any pattern is going to involve a erase/program cycle at the flash cell level and once the original cell charge is gone it's gone. There is nothing residual to read back.
--
Don't feed trolls--it only makes them grow!

nonymous
Premium
join:2003-09-08
Glendale, AZ
Plus I thought todays large higher density disks made reading what was previously written all the much harder and more expensive.
That the ability to read previously written data was based on older lower density disks.


StuartMW
Who Is John Galt?
Premium
join:2000-08-06
Galt's Gulch
kudos:3
said by nonymous:

Plus I thought todays large higher density disks made reading what was previously written all the much harder and more expensive.

That maybe true. I've always physically destroyed HD's that were faulty and couldn't be written with 0's. Gives one a perverse sense of satisfaction bashing them to bits with a hammer
--
Don't feed trolls--it only makes them grow!