FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Edubuntu User

 
 
LinkBack Thread Tools
 
Old 11-18-2010, 05:38 PM
Belinda Lopez
 
Default Wiping donated computers for recycling question

Hi all,
I'm writing up a short guide for recycling computers with
Ubuntu/Edubuntu so they can be donated and reused. One of the questions
I have is: Does the standard installation process where one selects
'Use entire disk' do a good enough job of wiping the hard drive of any
prior data?

Given that most of these systems will be used in schools or by kids,
these organisations want to avoid any possibility that any old data
might be left on the systems.

thanks all!

Dinda


Education
Canonical
belinda.lopez@canonical.com
dinda@ubuntu.com
IRC: dinda
Office: Galveston, Texas
--
Ubuntu - Linux for Human Beings
http://www.ubuntu.com
http://www.edubuntu.org
http://www.canonical.com
---------------------------


--
edubuntu-users mailing list
edubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-users
 
Old 11-18-2010, 06:50 PM
Intense Red
 
Default Wiping donated computers for recycling question

> Does the standard installation process where one selects
> 'Use entire disk' do a good enough job of wiping the hard drive of any
> prior data?

IMHO, yes. A lot will depend on the particular file system you use and
how paranoid you are, but here's a generic answer.

GNU fdisk will reset the master boot record. At that time, the partition
data on the disk is effectively lost, and similarly the data. But it would
still be possible for an expert to recover the data.

When a mkfs (in Windows-speak, a "format" the disk) is done, it is
a "quick format". mkfs writes out itables or "indexes" so that files
created can be indexed. Similar to the above, this means the data on the
disk is effectively lost, but again, a file system/hard disk expert could
recover it.

GNU's mkfs also has a "check block" option, typically used to check for
faulty hard drive hardware. If you use the check block option, it will take
a *long* time on a modern hard drive. In this process, each sector of the
hard drive is written to and then read from -- and the results compared.
This literally checks the entire hard drive and is the equivalent of
a "Norton wipe" -- any data is permanently erased at that point since each
sector got overwritten.

Unless you've got some super-secret military-grade data on the drive and
are paranoid beyond belief, just do the "use the entire disk option".

--
"The courts have ruled that the police can search your data without a
warrant, as long as others hold that data. If the police want to read the
e-mail on your computer, they need a warrant; but they don't need one to
read it from the backup tapes at your ISP." -- Security expert Bruce
Schneier.


--
edubuntu-users mailing list
edubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-users
 
Old 11-18-2010, 06:59 PM
"Jonathan D. Proulx"
 
Default Wiping donated computers for recycling question

On Thu, Nov 18, 2010 at 02:50:55PM -0500, Intense Red wrote:
: > Does the standard installation process where one selects
: > 'Use entire disk' do a good enough job of wiping the hard drive of any
: > prior data?
:
: IMHO, yes. A lot will depend on the particular file system you use and
:how paranoid you are, but here's a generic answer.

I'd agree a reinstall is "good enough"

: GNU fdisk will reset the master boot record. At that time, the partition
:data on the disk is effectively lost, and similarly the data. But it would
:still be possible for an expert to recover the data.

if you stop at this stage it would be good enough to keep someone from
accidentally seeing what was on there but a 12yo with google could
figure out how to get it back in 2 or 3 easy steps

new filesystems woudl als a could more fairly easy steps, but once you
start actually writting all the files a new operating system would
take up it becomes reasonably difficult.

I'd become more paranoid if it included "valuable" information like
social security numbers, credit card info etc ... but it probably
didn't.


--
edubuntu-users mailing list
edubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-users
 
Old 11-18-2010, 07:07 PM
Theo Schmidt
 
Default Wiping donated computers for recycling question

Belinda Lopez schrieb:
...
> Does the standard installation process where one selects 'Use entire disk' do
a good enough job of wiping the hard drive of any prior data?
>
> Given that most of these systems will be used in schools or by kids, these
organisations want to avoid any possibility that any old data might be left on
the systems.

Unless you actually overwrite the entire disk, clever people can recover some of
the files with a tool like testdisk/photorec. I did this with a new formatted
hard disk from a jumble sale and was amazed at all the stuff still on it,
including porn videos!

The solution is simple: from the live DVD do something like: "dd if=/dev/zero
of=/dev/sda" (Maybe somebody can verify that this is correct.) This will write
zeros onto the entire disk (sda would be the first hard disk, so take care if
there are several.) It will take quite some time and there is no progress
editor. I'm sure Ubuntu also provides some graphical tool for this.

Theo Schmidt


--
edubuntu-users mailing list
edubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-users
 
Old 11-18-2010, 07:38 PM
"Jonathan D. Proulx"
 
Default Wiping donated computers for recycling question

On Thu, Nov 18, 2010 at 09:07:12PM +0100, Theo Schmidt wrote:

:The solution is simple: from the live DVD do something like: "dd if=/dev/zero
f=/dev/sda" (Maybe somebody can verify that this is correct.) This will write
:zeros onto the entire disk

It will do as you say using:

dd if=/dev/urandom of=/dev/sda

is better as it will write random data which makes recovery that much
harder. The "secure" wisdom is to do this three times to prevent
software attacks and atleast make hardware attacks (like paying alot
of money to a discrecovery specialist) really expensive.

But for me if you're talking about reinstalling a class room computer
then using that in another classroom setting this is overkill, infact
nomatter what was on it if the end use is in a supervised class room
the reinstall is likely fine. If you are passing the computer out
of your controll more paranoia may or may not be appropriate, your
call.

-Jon



--
edubuntu-users mailing list
edubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-users
 
Old 11-19-2010, 06:52 AM
Theo Schmidt
 
Default Wiping donated computers for recycling question

Jonathan D. Proulx schrieb:
...
> dd if=/dev/urandom of=/dev/sda
>
> is better as it will write random data which makes recovery that much
> harder. The "secure" wisdom is to do this three times to prevent
> software attacks and atleast make hardware attacks (like paying alot
> of money to a discrecovery specialist) really expensive.

I read about this about a year ago but can't find the reference now. The gist
was that a single wipe even with zeros is enough to prevent recovery with any
normal means, however that theoretically a electron microscope used on an opened
disk can find data bits even if they have been overwritten many times. However
this is so slow that it will only work if you know exactly where the data is on
the platter and would otherwise take thousands of years to do with present
technology.


> But for me if you're talking about reinstalling a class room computer
> then using that in another classroom setting this is overkill, infact
> nomatter what was on it if the end use is in a supervised class room
> the reinstall is likely fine.

This is true, but if you get PCs e.g. from a bank they want reassurance that
nobody can reconstruct their old data, and a single wipe with dd (as root or
with sudo) can give them this reassurance. This is what we do with donated
hardware at Linuxola.org - but only if they ask, as wiping a large disk can take
an hour or so.

The problem with dd is that it gives no feedback except when it is finished (It
only says "so and so records in, so and so records out). If you make a mistake
it can erase the wrong disk or partition. There is no undo or progress bar or
indication if it gets stuck, e.g. with a faulty disk.

So it might be easier to use the specialist live disk DABAN. http://www.dban.org
This is a small live-image (11 MB) to be burned onto a CD-R.

This was recommeneded here, where there also some other tips:
http://linuxhelp.blogspot.com/2006/06/how-to-securely-erase-hard-disk-before.html

Happy wiping, Theo

--
edubuntu-users mailing list
edubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-users
 
Old 11-19-2010, 08:51 AM
"M. Fioretti"
 
Default Wiping donated computers for recycling question

On Fri, Nov 19, 2010 08:52:29 AM +0100, Theo Schmidt (theo.schmidt@wilhelmtux.ch) wrote:

> > But for me if you're talking about reinstalling a class room
> > computer then using that in another classroom setting this is
> > overkill, infact nomatter what was on it if the end use is in a
> > supervised class room the reinstall is likely fine.
>
> This is true, but if you get PCs e.g. from a bank they want
> reassurance that nobody can reconstruct their old data...

Er... sorry, maybe I'm missing something here but... are you saying
that there are still banks that do NOT thoroughly, professionally
erase by themselves all the hard drives of all the computers they
dismiss, BEFORE those computers even exit the bank? Because if that's
the case I don't want to ever have an account at those banks! No,
seriously!

Marco
--
The connections among Education, Green ICT and Free Software:
http://stop.zona-m.net/?p=1249

--
edubuntu-users mailing list
edubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-users
 
Old 11-19-2010, 09:19 AM
Theo Schmidt
 
Default Wiping donated computers for recycling question

M. Fioretti schrieb:

> Er... sorry, maybe I'm missing something here but... are you saying
> that there are still banks that do NOT thoroughly, professionally
> erase by themselves all the hard drives of all the computers they
> dismiss, BEFORE those computers even exit the bank? Because if that's
> the case I don't want to ever have an account at those banks! No,
> seriously!

Wher have you been these last years? :-) Seriously, let's take any business. For
them it is a case of incurring no further cost when donating hardware. The time
to wipe the drives would cost them, so they will either rip out the hard disks,
which also costs and just delays their problem, or donate to somebody they can
trust, e.g. a school who assures them, that they will wipe the drives and not
just quick-format them. Therefore this is an important point for securing such
donations.

TS

--
edubuntu-users mailing list
edubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-users
 
Old 11-19-2010, 12:45 PM
"M. Fioretti"
 
Default Wiping donated computers for recycling question

On Fri, Nov 19, 2010 11:19:12 AM +0100, Theo Schmidt (theo.schmidt@wilhelmtux.ch) wrote:
> M. Fioretti schrieb:
>
> > Er... sorry, maybe I'm missing something here but... are you saying
> > that there are still banks that do NOT thoroughly, professionally
> > erase by themselves all the hard drives of all the computers they
> > dismiss, BEFORE those computers even exit the bank? Because if that's
> > the case I don't want to ever have an account at those banks! No,
> > seriously!
>
> Wher have you been these last years?

On this planet, where "Strict industry standards and government
regulations are in place that force organizations to mitigate the risk
of unauthorized exposure of confidential corporate and government
data" (see http://en.wikipedia.org/wiki/Data_erasure, starting from
"Regulatory Compliance)

There will surely be many businesses that still do what you say, but
this doesn't mean that they are right or that anybody should make
business with them.

Marco
--
Note to all NGOs: please don't make a mess with Microsoft donations
http://stop.zona-m.net/?p=46

--
edubuntu-users mailing list
edubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-users
 
Old 11-19-2010, 04:02 PM
dbclinton
 
Default Wiping donated computers for recycling question

This might amuse you: I was told (by an insider) that every Canadian
overseas embassy has one government issue hammer for properly removing
data from all hard drives in case they are at risk of being overrun.


--
edubuntu-users mailing list
edubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-users
 

Thread Tools




All times are GMT. The time now is 03:53 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org