[parisc-linux] i dont know jack

Sandy Harris sandy@storm.ca
Thu, 25 Jul 2002 13:54:48 -0700 

Juergen Braukmann wrote:

> Hi Rick, there probably is. Boot into some nini root environment and
> type:
> 
> dd if=/dev/null of=/dev/sda [assuming THE drive is sda]
> 
> this will overwrite the intire disk with zero bytes (or was /dev/zero
> the proper device for that??).

/dev/zero gives a stream of null bytes.

Don't use /dev/null; it returns EOF on all reads, or did when I learned
the rules on older Unix and I suspect that still true.

> Atlernetivly, /dev/random might be a good source of rubbish data. ;-)

Not /dev/random. It was designed to produce high-grade random numbers
for critical applications like generating PGP keys. It blocks if you
try to take out more random data than it has input entropy.

/dev/urandom does not block, so you could use that.

It would likely be better to use a little program that just seeds itself
from /dev/urandom and then cranks out lots of psuedo-random crud
quickly.
The FreeS/WAN libraries include source you could use:
http://www.freeswan.org/freeswan_snaps/CURRENT-SNAP/doc/manpage.d/ipsec_prng.3.html
 
> there is the bs= parameter as well (block size). You probably need to
> experiment a bit with that, I tried to copy a 20GB disk via dd and it
> was dead slow, but I used 8KB as bs. I'd now start with a value of 4-8
> MB.

Yes, use a large block size.

How thorough do you need to be? At one extreme, just trashing the
partition table or superbloack may be all you need. At the other,
you may need to do a fair bit of programming.

The classic paper on secure deletion is:
http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html

I once read a US gov't standard for overwriting disks with
non-classified
data on them. (For classified data, you destroy the disk.) It wanted a
minimum of three overwrites, all-0s, all-1s and random data.

The hard part was that you had to guarantee to do that everywhere,
including
blocks the OS or drive had marked bad, things outside partitions that
the OS
couldn't see, ...

A handy loop for cheap but fairly thorough deletions is:

for( i = u = 0 ; i < 4 ; i++, u += 0x55555555 )

This walks each nybble of u through the values 0000, 0101, 1010, 1111 so
you gat the US gov'ts all-0s and all-1s plus a couple of others.