Re: How to REALLY delete data - HP UX

This is a discussion on Re: How to REALLY delete data - HP UX ; Gerold Krommer wrote: > Hi, > > I have the chance to aquire (for free) a nicely equiped D320 with quite some > storage from one of our customers. The customer is a credit card company and > the only ...

+ Reply to Thread
Results 1 to 8 of 8

Thread: Re: How to REALLY delete data

  1. Re: How to REALLY delete data

    Gerold Krommer wrote:
    > Hi,
    >
    > I have the chance to aquire (for free) a nicely equiped D320 with quite some
    > storage from one of our customers. The customer is a credit card company and
    > the only reqirement from the customer is to reliably delete all data from
    > the data disks (OS is separate and contains no relevant data).
    >
    > How can I delete the data so it cannot be reconstructed in any way
    > whatsoever? dd zeroes all over? Format?


    Please tell us which credit card company this is, so we can avoid it
    like the plague! :-(

    But to answer your questions, including some which you did not ask:

    "not in any way"? Then the only solution is to physically destroy the
    (platters of) the disks. Even LLF-ed (Low-Level Formatted) disks can be
    (partly) read, given the right equipment and time.

    Otherwise, if the disks are to be re-used (as in your case), use "dd
    if=/dev/zero of=/dev/... bs=". If the disks are not going to be
    re-used, i.e. they are going to be discarded, use mediainit(1M). Do
    *NOT* mediainit a disk if you are going to re-use it. Ignore any people
    who say mediainit is harmless and refer them to me, for they probably
    want to buy the nice 300-meter steel tower in Paris which I have for
    sale, real cheap.

    > I guess this isn't even HPUX specific, but since this is a HP machine ..
    >
    > Thanks,
    >
    > /Gerold


  2. Re: How to REALLY delete data

    Frank Slootweg wrote:
    > Gerold Krommer wrote:
    >> I have the chance to aquire (for free) a nicely equiped D320 with
    >> quite some storage from one of our customers. The customer is a
    >> credit card company and the only reqirement from the customer is to
    >> reliably delete all data from the data disks (OS is separate and
    >> contains no relevant data). How can I delete the data so it cannot
    >> be reconstructed in any way whatsoever? dd zeroes all over? Format?


    > Please tell us which credit card company this is, so we can avoid it
    > like the plague! :-(


    Ditto. While they did happen to have the good sense to buy HP
    equipment That they would even begin to consider selling the discs
    with customer equipment on them is Bad News (tm).

    And _they_ should be the ones wiping the discs, not you. As
    trustworthy as you likely are, they should not be trusting anyone
    outside of their organization with the procedure. Unless you happen
    to be a bonafide data security contractor or something.

    > But to answer your questions, including some which you did not
    > ask:


    > "not in any way"? Then the only solution is to physically destroy
    > the (platters of) the disks. Even LLF-ed (Low-Level Formatted) disks
    > can be (partly) read, given the right equipment and time.


    > Otherwise, if the disks are to be re-used (as in your case), use
    > "dd if=/dev/zero of=/dev/... bs=".


    IIRC there are suggestions to do that dd with a number of different
    "if" settings - alternatively writing ones and zeros and perhaps even
    random data to the disc.

    However, as Frank says, the only way to be really sure that the data
    cannot be retrieved is to utterly destroy the discs - where
    "physically destroy" would be some combination of taking a grinder to
    the platter and melting the thing down.

    rick jones
    --
    No need to believe in either side, or any side. There is no cause.
    There's only yourself. The belief is in your own precision. - Jobert
    these opinions are mine, all mine; HP might not want them anyway...
    feel free to post, OR email to rick.jones2 in hp.com but NOT BOTH...

  3. Re: How to REALLY delete data

    In article , Rick Jones wrote:
    > Frank Slootweg wrote:
    >> Gerold Krommer wrote:
    >>> I have the chance to aquire (for free) a nicely equiped D320 with
    >>> quite some storage from one of our customers. The customer is a
    >>> credit card company and the only reqirement from the customer is to
    >>> reliably delete all data from the data disks (OS is separate and
    >>> contains no relevant data). How can I delete the data so it cannot
    >>> be reconstructed in any way whatsoever? dd zeroes all over? Format?

    >
    >> Please tell us which credit card company this is, so we can avoid it
    >> like the plague! :-(

    >
    > Ditto. While they did happen to have the good sense to buy HP
    > equipment That they would even begin to consider selling the discs
    > with customer equipment on them is Bad News (tm).


    You mean data, surely?

    > And _they_ should be the ones wiping the discs, not you. As
    > trustworthy as you likely are, they should not be trusting anyone
    > outside of their organization with the procedure. Unless you happen
    > to be a bonafide data security contractor or something.


    Hey, it could be that the data isn't _their_ customer data. It could be
    their old public-'net proxy, for example. I still wouldn't sell those
    disks unwiped myself...

    I don't use credit cards anyway.

    >> But to answer your questions, including some which you did not
    >> ask:

    >
    >> "not in any way"? Then the only solution is to physically destroy
    >> the (platters of) the disks. Even LLF-ed (Low-Level Formatted) disks
    >> can be (partly) read, given the right equipment and time.

    >
    >> Otherwise, if the disks are to be re-used (as in your case), use
    >> "dd if=/dev/zero of=/dev/... bs=".

    >
    > IIRC there are suggestions to do that dd with a number of different
    > "if" settings - alternatively writing ones and zeros and perhaps even
    > random data to the disc.


    Then there's GNU shred (IIRC it's in the GNU coreutils package nowadays)
    that does just about that - overwrites a file repeatedly. I have here
    one with a man page that says that the default number of iterations is
    25. Works on device special files too.

    > However, as Frank says, the only way to be really sure that the data
    > cannot be retrieved is to utterly destroy the discs - where
    > "physically destroy" would be some combination of taking a grinder to
    > the platter and melting the thing down.


    Yes, either grind the platters down, or heat them beyond the point where
    the magnetics lose it. Or something. A 20-lb hammer might do in a pinch.


    --
    Mikko Nahkola
    #include
    #Not speaking for my employer. No warranty. YMMV.

  4. Re: How to REALLY delete data

    >> Ditto. While they did happen to have the good sense to buy HP
    >> equipment That they would even begin to consider selling the discs
    >> with customer equipment on them is Bad News (tm).


    > You mean data, surely?


    Yes. Sometimes my hands type ahead of my brain

    >> And _they_ should be the ones wiping the discs, not you. As
    >> trustworthy as you likely are, they should not be trusting anyone
    >> outside of their organization with the procedure. Unless you happen
    >> to be a bonafide data security contractor or something.


    > Hey, it could be that the data isn't _their_ customer data. It could be
    > their old public-'net proxy, for example. I still wouldn't sell those
    > disks unwiped myself...


    If they have a system with sensitive data on it, they should be the
    ones wiping it.

    Now, if you are assuming they will have sensitive data on it, but do
    not _know_ the discs will have sensitive data, that might be a
    different story.

    > I don't use credit cards anyway.


    More power to you

    rick jones
    --
    No need to believe in either side, or any side. There is no cause.
    There's only yourself. The belief is in your own precision. - Jobert
    these opinions are mine, all mine; HP might not want them anyway...
    feel free to post, OR email to rick.jones2 in hp.com but NOT BOTH...

  5. Re: How to REALLY delete data

    In article <9nP7f.15376$ub3.8723@news.cpqcorp.net>, Rick Jones wrote:

    >>> And _they_ should be the ones wiping the discs, not you. As
    >>> trustworthy as you likely are, they should not be trusting anyone
    >>> outside of their organization with the procedure. Unless you happen
    >>> to be a bonafide data security contractor or something.

    >
    >> Hey, it could be that the data isn't _their_ customer data. It could be
    >> their old public-'net proxy, for example. I still wouldn't sell those
    >> disks unwiped myself...

    >
    > If they have a system with sensitive data on it, they should be the
    > ones wiping it.
    > Now, if you are assuming they will have sensitive data on it, but do
    > not _know_ the discs will have sensitive data, that might be a
    > different story.


    Isn't supposed to be. In a place like that, if you don't know what's on
    a disk, wipe it just to be safe.

    Now, if you _know_ that the disk only contains your DMZ's public-'net
    proxy cache stuff, or something like that (already-published press
    releases?), then you might decide that it isn't sensitive enough to need
    wiping - particularly if you've contracted out all that to an expensive
    security contractor who charges by the disk.

    I could see requiring a somewhat-trusted buyer to do the wiping in
    _that_ case.

    Mind you, I'd still prefer to see everything wiped in-house.


    --
    Mikko Nahkola
    #include
    #Not speaking for my employer. No warranty. YMMV.

  6. Re: How to REALLY delete data


    a question to Mr. Slootweg;
    You seem to have some experience with mediainit causing issues, is
    there a post somewhere that describes why you do not like using it? I
    would be very interested in reading it as I currently use mediainit a
    lot and maybe I shouldn't be. Thanks.


  7. Re: How to REALLY delete data

    NomadicWolf wrote:
    >
    > a question to Mr. Slootweg;
    > You seem to have some experience with mediainit causing issues, is
    > there a post somewhere that describes why you do not like using it? I
    > would be very interested in reading it as I currently use mediainit a
    > lot and maybe I shouldn't be. Thanks.


    Thanks for asking. Please see the HP IT Resource Center article/thread
    "How/when (not) to use mediainit?" [1]. You will probably recognize the
    (name of the) author. :-)

    [1]
    http://forums1.itrc.hp.com/service/f...94292+28353475
    (on one line)

  8. Re: How to REALLY delete data

    Frank Slootweg wrote:

    > NomadicWolf wrote:
    >
    >>a question to Mr. Slootweg;
    >> You seem to have some experience with mediainit causing issues, is
    >>there a post somewhere that describes why you do not like using it? I
    >>would be very interested in reading it as I currently use mediainit a
    >>lot and maybe I shouldn't be. Thanks.

    >
    >
    > Thanks for asking. Please see the HP IT Resource Center article/thread
    > "How/when (not) to use mediainit?" [1]. You will probably recognize the
    > (name of the) author. :-)
    >
    > [1]
    > http://forums1.itrc.hp.com/service/f...94292+28353475
    > (on one line)

    You are too modest Frank! ) BTW, a 45 cal works good too!

+ Reply to Thread