Wednesday Jun 08, 2011

Erasing disks securely

Actually, both the question and the answer are old and well known.  However, these things tend to be forgotten and pop up as questions from time to time.  Hence a little reminder for all of us:

Solaris makes it easy to erase a disk so that the data can't be restored, even with sophisticated methods.  The "analyze/purge" subcommand of format(1M) does it all for you.  It overwrites the selected area of your disk (usually s2) a total of four times with different patterns to achieve this.  Of course, depending on the size of the disk, this might take a while.  But it's secure enough to comply with the Department of Defense (DoD) disk wipe standard 5220.22-M.  Note however that as of June 28, 2007, overwriting in general is no longer accepted as a method to securely erase data.  Here is a link to the relevant DSS publication.

Some more details are here:

Note that this method does not apply to SSDs of any kind!  And of course, to avoid any risk of losing your data with your disk, simply encrypt it!  It's quite easy using ZFS or Oracle TDE :-)

Update 2015-05-29:

  • The link to the original DoD standard doesn't work anymore and has been replaced by a link to Wikipedia.
  • Here's an additional link to a more recent NIST publication.
  • Note that with modern drives, destroying data with OS or application level tools will not satisfy higher security requirements.  The sector management of these drives might make defective sectors with sensitive data unavailable to such tools - but not to more intrusive methods of active data recovery.  If you want to protect against those, physical destruction is your only reliable option.

Update 2015-09-29:

This is my final comment on this matter:

  • If you are worried about the data on storage devices you no longer use, physical destruction of those devices is the only truly secure option.
  • Encrypt your data right from the start to avoid this issue.  Encryption is easily and in many cases freely available.  If you don't care enough about your data to encrypt it, you are unlikely to worry about data on decommissioned storage devices.
  • If you are worried enough not to trust encryption, no erasing technique will be good enough to satisfy your requirements.  And the cost of physically destroying those devices will not matter to you.

The views expressed on this blog are my own and do not necessarily reflect the views of Oracle.
