Thursday, September 24, 2015

On the subject of wiping hard drives.

Most of us have a box of old hard drives kicking around. Here's something rather alarming pointed out at Small Dead Animals today by Lance.

From the article on the WIPE utility:

NOTE ABOUT JOURNALING FILESYSTEMS AND SOME RECOMMENDATIONS (JUNE 2004)

Journaling filesystems (such as Ext3 or ReiserFS) are now being used by default by most Linux distributions. No secure deletion program that does filesystem-level calls can sanitize files on such filesystems, because sensitive data and metadata can be written to the journal, which cannot be readily accessed. Per-file secure deletion is better implemented in the operating system.

Encrypting a whole partition with cryptoloop, for example, does not help very much either, since there is a single key for all the partition.

Therefore wipe is best used to sanitize a harddisk before giving it to untrusted parties (i.e. sending your laptop for repair, or selling your disk). Wiping size issues have been hopefully fixed (I apologize for the long delay).

Be aware that harddisks are quite intelligent beasts those days. They transparently remap defective blocks. This means that the disk can keep an albeit corrupted (maybe slightly) but inaccessible and unerasable copy of some of your data. Modern disks are said to have about 100% transparent remapping capacity. You can have a look at recent discussions on Slashdot.

I hereby speculate that harddisks can use the spare remapping area to secretly make copies of your data. Rising totalitarianism makes this almost a certitude. It is quite straightforward to implement some simple filtering schemes that would copy potentially interesting data. Better, a harddisk can probably detect that a given file is being wiped, and silently make a copy of it, while wiping the original as instructed.

Recovering such data is probably easily done with secret IDE/SCSI commands. My guess is that there are agreements between harddisk manufacturers and government agencies. Well-funded mafia hackers should then be able to find those secret commands too.

Don't trust your harddisk. Encrypt all your data.

Of course this shifts the trust to the computing system, the CPU, and so on. I guess there are also "traps" in the CPU and, in fact, in every sufficiently advanced mass-marketed chip. Wealthy nations can find those. Therefore these are mainly used for criminal investigation and "control of public dissent".

People should better think of their computing devices as facilities lended by the DHS.

Emphasis mine. Please note, this is a very informed opinion, but still only speculation.

For no particular reason, I will now link to an article on how to build a forge. Please note, this article has you building something quite permanent and complicated. I've seen good results with a used brake drum, a length of flexible ducting and a hair dryer.

Interesting random science note, did you know that striking a piece of metal with a hammer changes the crystal structure of the metal, and moves its magnetic properties around as well?

Interesting random link to an old article of mine.

3 comments:

WiFi Lunchbox Guy #0296 said...

When I've decommissioned hard drives I used dban.

Behold: it comes out and says it doesn't take care of the remap/bad tracks table unless you pay for Blancco. I don't remember that disclaimer being there a few years back.

That forge is looking pretty good right now... :O

The Phantom said...

You know, burning used hard drives in a forge seem completely insane. Really.

I can just see myself out in the driveway, fire going, hair dryer blowing into it, dropping those disks in there and wearing my tinfoil hat in case the aliens beam instructions into my brain.

Except, they really DO hide shit from us all the time, and every fucking week brings a brand new revelation about just exactly how much info they have on every single one of us.

So yeah. Brake drum, piece of flexible ducting, a hair dryer and a bag of charcoal. Recover that shit, Big Brother. Tinfoil hat optional.

WiFi Lunchbox Guy #0296 said...

You were right as usual: we couldn't have been paranoid enough.

* The DoD gave up on overwrite tools in 2007:
"Currently as of 2007 the DoD standards state that no method of overwriting is sufficient to sanitize [disk] media. Degaussing or physical destruction is the only accepted method for anything that leaves the organization."

* The US Department of Justice did a report on dban's issues in 2010. In the light of the DoD report, why bother?

* ...because both the DoD and the NSA still certify wiping tools for other GSA software purchasers...like the DoJ!

OMG, the NSA isn't paranoid enough!

This means that cell phones, ipadz, USB sticks, ebook readers, SDHC cards, "smart cards", and anything with data storage has to burn, too.

(beat)

Will the aliens make the spies go away if we promise not to squirm too much during the probing?