Data Destruction How to Erase your Hard Drive’s so that there is no data leakage from your company...
-
Upload
xiomara-louie -
Category
Documents
-
view
214 -
download
1
Transcript of Data Destruction How to Erase your Hard Drive’s so that there is no data leakage from your company...
Data DestructionHow to Erase your Hard Drive’s so that there is no data leakage from your company and so that your company and officers won’t be held
financially responsible.
By: Lloyd Albin3/9/2010
How this all got started.
• Needing to get rid of more than 3 truck loads of computers (major computer pack rat).
• Known Methods:– Re-Formatting– Re-Partitioning– Overwriting multiple times– Degaussing– Opening and breaking the platters– Cooking in oven
DoD Sanitization MethodsMethod Security Level Description
Clear Low – Reused in HouseModerate – Reuse In House
Software Overwrite
Purge Low – Reused out of HouseModerate – Reuse out of HouseHigh – Reuse in House
Degaussing or using firmware Secure Erase
Destroy Moderate – Reuse NoHigh – Reuse No or Reuse out of House
Disintegration, Pulverization, Melting, Incineration (Hard media like hard drives, memory sticks, etc.)Shredding (Flexible media like Floppy Disc’s)Reduced to nominal edge dimensions of 5mm and surface area of 25mm
Clearing StandardsMethod Times of Overwrite Lab
US DoD 5220.22-M 3 (0x00, 0xFF, Random) Low
US DoD 5220.22-M (ECE) 7 (0x00, 0xFF, Ran, 0x00, 0xFF, Ran, V-Rand) Medium
German VSITR 7 (0x00, 0xFF, 0x00, 0xFF, 0x00, 0xFF, 0xAA) Low
Russian GOST p50739-95 2 (0x00, Random) Low
Canadian OPS-II 7 (0x00, 0xFF, 0x00, 0xFF, 0x00, 0xFF, Rand) Medium
HMG IS5 Baseline 1 (0x00) Low
HMG IS5 Enhanced 3 (0x00, 0xFF, Random) Low
US Army AR380-10 3 (Random, 0x00, 0xFF) Low
US Airforce 5020 3 (0xFF, 0x00, Random) Low
Navso p-5329-26 RL (Navy) 3 (0x01, 0x27FFFFFF, Random) Low
Navso P-5329-26 MFM (Navy) 3 (0x00, 0x7FFFFFFF, Random) Low
NCSC-TG-025 3 (0x00, 0xFF, Random) Low
Bruce Schneier 7 (0xFF, 0x00, 5 Random) Medium
Roy Pfitzner 33 (33 Random) V-High
Peter Gutmann 35 (4 Random, 26 specials, 5 Random) V-High
Cleaning Software – Block Erase
• Darik’s Boot and Nukehttp://www.dban.org/
• Eraserhttp://eraser.heidi.ie/
• Active KillDiskhttp://www.killdisk.com/
• File Shredderhttp://www.fileshredder.org/
• Paragon Disk Wiper Professionalhttp://www.disk-wiper.com/
Purging StandardsMethod Times of Overwrite Lab
Secure Erase (ATA-6) 1 (Binary zeros or binary ones)Secure erase does a single on-track erasure of the data on the disk drive, after technical testing at CMRR showed that multiple on-track overwrite passes gave no additional erasure.
High
Enhanced Secure Erase (ATA-6 Optional)
1 (4 byte Vendor Pattern) High
Sanitize Device (ATA-8 Optional)
Settable + Encryption Key ChangeAES 128-bit (256-bit not possible due to US Export laws)
V-High
Degaussing Wand – Low Power – Class I
(Not effective on current hard drives.)Less than 350 Oe coercivity
Degaussing Wand – High Power – Class II
(Must open up hard drive and use directly on the platters)350-750 Oe coercivity
V-High
Degaussing – Very High Power – Class III
(No known device)Over 750 Oe coercivity
Purging Software – Secure Erase
• CCMR Secure Erase (HDDErase) http://cmrr.ucsd.edu/people/Hughes/SecureErase.shtml
• Hddparmhttp://sourceforge.net/projects/hdparm/http://hdparm-win32.dyndns.org/hdparm/
What does Secure Erase do?
• Security Set Password (F1h)• Security Freeze Lock (F5h)• Security Erase Prepare (F3h)• Security Erase Unit (F4h)• Security Unlock (F2h)• Security Disable Password (F6h)
What does Sanitize Device do?
• Sanitize Freeze Lock Ext (20h)• Sanitize Prepare (FFh) *• Sanitize Status Ext (0h)• Crypto Scramble Ext (11h)• Block Erase Ext (12h)• Overwrite Ext (14h)
Crushing and Shredding
844 grams of Thermite Destruction
References• http://cmrr.ucsd.edu/people/Hughes/CmrrSecureEraseProtocols.pdf• Peter Gutmann
http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html• NIST 800-88
http://csrc.nist.gov/publications/nistpubs/800-88/NISTSP800-88_rev1.pdf• http://mareichelt.de/pub/notmine/sanitizing.html• http://www.t13.org/Documents/UploadedDocuments/docs2009/d2015r2-ATAATAPI_C
ommand_Set_-_2_ACS-2.pdf
• http://ata.wiki.kernel.org/index.php/ATA_Secure_Erase• http://
www.t13.org/Documents/UploadedDocuments/docs2008/e07197r1-T13_Sanitize_Command_Proposal_Overview.pdf
• Overwriting Hard Drive Data: The Great Wiping Controversyhttp://www.springerlink.com/content/408263ql11460147/
• http://en.wikipedia.org/wiki/AT_Attachment• http://www.killdisk.com/downloads/KillDisk_Win5.pdf• http://www.seagate.com/staticfiles/support/disc/manuals/notebook/momentus/5400.
6%20(Wyatt)/100528359e.pdf
• http://www.redbooks.ibm.com/technotes/tips0761.pdf• http://
www.h-online.com/newsticker/news/item/Secure-deletion-a-single-overwrite-will-do-it-739699.html