Software to wipe a systemdrive from Windows?
#151
Posted 22 February 2011 - 05:22 PM
#152
Posted 22 February 2011 - 05:33 PM
Interesting.
I'll have to think about the actual meaning of this :
means:
- we have no idea of what we are doing and threw at a chip a strong magnetic field since we happened to have a degausser around, just for the fun of it.
or- we know for sure that by applying a strong magnetic field powerful eddy currents will be generated, actually so powerful as to damage the chips metal layers, and since this did not happen, the chips have a protection against such eddy currents or we completely missed the point and produced a not strong enough magnetic field and/or no eddy current (or not powerful enough eddy current) was generated.
Yes that amused me too! What perhaps is not so amusing is when you send your old kit to be recycled with guaranteed scrub by the recyclers - how can you be sure they REALLY have scrubbed the SSD memory in it? Also, when you give your old USB flash pen to someone after having 'wiped' it, is it really wiped?
#153
Posted 22 February 2011 - 05:55 PM
Unless of course, you want it to last, then it desintegrates after half a second!
#154
Posted 22 February 2011 - 06:55 PM
I fear that you are falling, as most people normally do, into a conspiracy theory of some kind (even if slightly ).Also, when you give your old USB flash pen to someone after having 'wiped' it, is it really wiped?
I would like to analyze the thing from a different standpoint, if you don't mind .
- If you want to be 100% secure that noone puts their nose into your things, DO NOT WRITE ANYTHING and just memorize them.
- If you want to be 100% secure that noone puts their nose into the things you have written, don't EVER give anyone access to them.
- The use of the SH-1 degausser® - though rudimental - has proved over the years to be a very good method of making sure that anything - be it optical, magnetic or solidstate based - will NOT be READ by anyone.
Here is an actual representation of this simple, yet powerful, tool in action :
It produces
But, if you don't want to go this way, and actually want to mantain the physical integrity of the devices, you need to do some calculations.
- Amount of actual meaningful and sensitive data actually present on the device (which does not include programs, music, videos, lolcat images, p0rn
downloadedthat some malware put on the device, etc., etc.), expressed in percentage of the device size (let's take an 8 Gb device for the sake of the example):
4,387 bytes (scattered over 7 files, each on average 100 Kb) 4,387/8,192,000,000=0.0000005355224609375 - Amount of possible people to whom you may want to give your old device: 5
- Average among them that may be interested to your data: 1
- hence probability of giving to the actual one interested and not to any of the other peeps 1/5=0.2
- Amount of people in the WORLD capable of:
- desoldering the chip (without damaging it) from the actual device
- analyze it with a FPGA (and build/procure such a device) AND have the funds to do so:
Figure 2 shows the FPGA-
based hardware we built to extract remnants. It cost
$1000 to build, but a simpler, microcontroller-based ver-
sion would cost as little as $200, and would require only
a moderate amount of technical skill to construct. - finding actually ANYTHING (which is NOT AT ALL like looking for known fingerprints):
Finally, we assemble the fingerprints and analyze them
to determine if the sanitization was successful. SSDs
vary in how they spread and store data across flash chips:
some interleave bytes between chips (e.g., odd bytes on
one chip and even bytes on another) and others invert
data before writing. The fingerprint’s regularity makes
it easy to identify and reassemble them, despite these
complications. Counting the number of fingerprints that
remain and categorizing them by their IDs allows us to ....
- let's say (BIG NUMBER!) 10,000 out of an estimated population of 6,901,400,000 10/6,901,400= 0,000001449
- Best result obtained by the good guys for a USB stick: 0.64
0.0000005355224609375*0.2*0,000001449*0.64=~ 0,00000000000009932314 or 1*10-14
Taking into account a factor of correction of 1,000,0000 or 1*106 for possible errors in the previous calculations, we should get the actual probability as 1*10-8 or 0.00000001
Thus you have a 1-0.00000001=0.99999999 or 99.999999% probability that your secrets will remain so.
I think I will - in my complete unconsciousness and recklessness - sleep well even the night after having given away a half-@§§edly wiped USB stick.
Compare with the known cleaning lady danger :
http://reboot.pro/12367/
Wonko
#155
Posted 22 February 2011 - 08:01 PM
1. It is MUCH easier and cheaper to get at the unerased data on a flash chip than the 'erased' off-track residual data on magnetic platters - and people already seem to be paranoid about HDD residual data hacking...
2. Government agencies expect their drives to be securely wiped before disposal/recycling. This paper shows that the 'wipe' that they currently do is probably not good enough.
Therefore, however unlikely, it is easier and cheaper to hack flash memory than a hard disk - so high-security agencies need to be careful when they dispose of their SSDs. It is possible to clamp a socket over the top of these chips and get instant access.
#156
Posted 22 February 2011 - 08:35 PM
WHY?I agree that it is VERY unlikely that any ordinary person would bother to recover the data, but there are two things that you need to consider:
1. It is MUCH easier and cheaper to get at the unerased data on a flash chip than the 'erased' off-track residual data on magnetic platters - and people already seem to be paranoid about HDD residual data hacking...
2. Government agencies expect their drives to be securely wiped before disposal/recycling. This paper shows that the 'wipe' that they currently do is probably not good enough.
Therefore, however unlikely, it is easier and cheaper to hack flash memory than a hard disk - so high-security agencies need to be careful when they dispose of their SSDs. It is possible to clamp a socket over the top of these chips and get instant access.
I am NOT (and I presume MOST members of
- Government agencies
- paranoid people
- high-security agencies
those are all theories and experimental results that they may need to consider.
Wonko
#157
Posted 22 February 2011 - 09:02 PM
People are not paranoid, because they fear for their data. People are paranoid, because they were made paranoid, by fear mongers!but there are
twothings that you need to consider:
and people already seem to be paranoid about HDD residual data hacking...
2 years ago a tv show made an interesting test and asked people on the street, what they were afraid of.
The top 3 were terrorism, earthquakes and tsunamis.
Well the last act of terrorism here in Germany, was more than 30 years ago. Earthquakes in Germany feels like a lorry driving by, if we ever have any at all. And a Tsunami would have a pretty hard time to reach middle Germany were, the questions were asked.
In short, people were afraid of what they were told to be afraid of in the media, not of any real dangers like crossing a busy street or using the car at bad weather.
Most people are just too happy to replace knowledge with blind belief.
#158
Posted 23 February 2011 - 10:43 AM
Just chiming in, but not much... unfortunately it aint a free lunch, but...
Advanced functions of O&O TotalErase
As a first in its field, “O&O TotalErase” provides the user with a completely new feature: the fully-integrated “O&O TotalErase Assistant” now allows you
to delete an entire system, including the system partition, with no need for Boot medium. New with Version 4 is the option of exclusively deleting the
system partition whilst excluding other partitions.
I've not seen any other commercial software claim to do this.
#159
Posted 23 February 2011 - 10:56 AM
#160
Posted 23 February 2011 - 11:15 AM
Which is actually what steve6375 posted on #149You may want to read this: http://www.lifehacke...id-state-drive/
http://reboot.pro/13601/page__st__148
You may want to read the thread before re-posting the same things.
Wonko
#161
Posted 23 February 2011 - 11:38 AM
You may want to read the thread before re-posting the same things.
Wonko
Have you seen the size of this thread? Still nothing compared to others... but yeah, I should have read it (I posted it at random in the hope it would help others but have no interest in the subject)
#162
Posted 23 February 2011 - 02:23 PM
So no perfect erase and quite slow.
But so far the only solution. Great find, Rookie!
#163
Posted 18 March 2011 - 06:23 PM
It's free to download and use, it's intended for all audiences from the most savvy security professionals to early newcomers to the information security field. Well documented, The National Security Agency and the Central Security Service and other government bodies use this distro as their main testing platform. BT has indispensable tools related to security, forensics, penetration testing and everything else in between. It far exceeds anything EVER developed commercially and is freely available. BackTrack is the one-stop-shop for all of your security needs.
#164
Posted 12 July 2011 - 02:07 AM
#165 Guest_Boot_Monkey_*
Posted 05 July 2012 - 03:15 AM
No need to disconnect??? Have we found a BIOS yet that you have to disconnect the drive - i.e. that freezes the drive before it boots to MSDOS?
- Switch off system - switch on system
- Boot to DOS
- Run HDDErase
HDDErase sucks balls. Mainly because of the need to change the SATA Mode to ATA. Some machines don't have that option.
Also HDDErase lacks SATA driver support and can't handle frozen drives. You need to reboot and try again.
2 user(s) are reading this topic
0 members, 2 guests, 0 anonymous users