FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora User

 
 
LinkBack Thread Tools
 
Old 08-19-2010, 04:17 PM
mike cloaked
 
Default Secure erase via IDE to USB adapter - OT

This is not directly a Fedora question but I only run Fedora on all my machines!

I have one machine where the disk is throwing up "smart" errors though
the machine is still running so far, and the overall assessment (via
Palimsest) is "healthy". Every few days there is a popup warning that
the disk is about to fail!

I am planning to replace the disk and install F13 from scratch on the
new disc - but the question I have is that if I plug the old
(not-very-healthy!) disk in to a sata-to-usb external adapter, and
then hotplug the usb cable into the new machine on a usb port, I am
guessing that I will not be able to pass hdparm commands to the old
disk connected in this way in order to to secure-erase the old drive
via its onboard controller?

I am not keen to go and try to find a spare computer to put the old
drive in the internal bay and then run a live distro to issue secure
erase commands, since it is a hassle, and it would be so much
nicer/easier to do it via an external cable.

I have been told that usb does not support the full ata command sent
and the secure erase commands are likely not to get through - even
"hdparm -l /dev/sdb" might be problematic?

If there is a particular adapter that would allow me to do this I
would love to hear about it if anyone knows about these things.... yes
the platters will ultimately be removed and beaten out of shape but I
would like to remove the data first.

Thanks

--
mike c
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 08-19-2010, 05:51 PM
Tim
 
Default Secure erase via IDE to USB adapter - OT

On Thu, 2010-08-19 at 17:17 +0100, mike cloaked wrote:
> if I plug the old (not-very-healthy!) disk in to a sata-to-usb
> external adapter, and then hotplug the usb cable into the new machine
> on a usb port, I am guessing that I will not be able to pass hdparm
> commands to the old disk connected in this way

It depends on the chips in the adapters (see hdparm docs). Mine don't
support it, and the only one of them that I can warn you about is the
Seagate desktop expansion drive, the others have no branding.


--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 08-19-2010, 06:04 PM
mike cloaked
 
Default Secure erase via IDE to USB adapter - OT

On Thu, Aug 19, 2010 at 6:51 PM, Tim <ignored_mailbox@yahoo.com.au> wrote:
> On Thu, 2010-08-19 at 17:17 +0100, mike cloaked wrote:
>> if I plug the old (not-very-healthy!) disk in to a sata-to-usb
>> external adapter, and then hotplug the usb cable into the new machine
>> on a usb port, I am guessing that I will not be able to pass hdparm
>> commands to the old disk connected in this way
>
> It depends on the chips in the adapters (see hdparm docs). *Mine don't
> support it, and the only one of them that I can warn you about is the
> Seagate desktop expansion drive, the others have no branding.

OK thanks - if anyone knows of a specific adapter that *will* work I
would like to know - of course having the drive in its internal bay is
likely not to work either since many (most?) bioses will freeze the
drive from the ata command viewpoint such that it can't be unlocked to
pass the secure erase command anyway! So having an external adapter is
probably the only way I can easily do it but I do need to know that
there is an external adapter that will work. What I was unsure of is
whether there is any that would work since I had been told that usb
can't do it at all!

(I did look at the hdparm man command but did not see the answer to
the latter question)

Mike

--
mike c
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 08-19-2010, 06:25 PM
Stephen Gallagher
 
Default Secure erase via IDE to USB adapter - OT

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 08/19/2010 02:04 PM, mike cloaked wrote:
> On Thu, Aug 19, 2010 at 6:51 PM, Tim <ignored_mailbox@yahoo.com.au> wrote:
>> On Thu, 2010-08-19 at 17:17 +0100, mike cloaked wrote:
>>> if I plug the old (not-very-healthy!) disk in to a sata-to-usb
>>> external adapter, and then hotplug the usb cable into the new machine
>>> on a usb port, I am guessing that I will not be able to pass hdparm
>>> commands to the old disk connected in this way
>>
>> It depends on the chips in the adapters (see hdparm docs). Mine don't
>> support it, and the only one of them that I can warn you about is the
>> Seagate desktop expansion drive, the others have no branding.
>
> OK thanks - if anyone knows of a specific adapter that *will* work I
> would like to know - of course having the drive in its internal bay is
> likely not to work either since many (most?) bioses will freeze the
> drive from the ata command viewpoint such that it can't be unlocked to
> pass the secure erase command anyway! So having an external adapter is
> probably the only way I can easily do it but I do need to know that
> there is an external adapter that will work. What I was unsure of is
> whether there is any that would work since I had been told that usb
> can't do it at all!
>
> (I did look at the hdparm man command but did not see the answer to
> the latter question)
>
> Mike
>

Well, you could always just perform a mostly secure wipe by just doing
dd if=/dev/urandom of=/dev/sdc
several times, so that the bits are overwritten by random data.

- --
Stephen Gallagher
RHCE 804006346421761

Delivering value year after year.
Red Hat ranks #1 in value among software vendors.
http://www.redhat.com/promo/vendor/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAkxtdxkACgkQeiVVYja6o6P3NQCfUtKLRRV9Q7 9VCaZqHpO3roo5
/tMAoJWWoVOT8pa6UD/zlgrHqbeWQ9lf
=d8cP
-----END PGP SIGNATURE-----
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 08-19-2010, 06:55 PM
JD
 
Default Secure erase via IDE to USB adapter - OT

On 08/19/2010 11:25 AM, Stephen Gallagher wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 08/19/2010 02:04 PM, mike cloaked wrote:
>> On Thu, Aug 19, 2010 at 6:51 PM, Tim<ignored_mailbox@yahoo.com.au> wrote:
>>> On Thu, 2010-08-19 at 17:17 +0100, mike cloaked wrote:
>>>> if I plug the old (not-very-healthy!) disk in to a sata-to-usb
>>>> external adapter, and then hotplug the usb cable into the new machine
>>>> on a usb port, I am guessing that I will not be able to pass hdparm
>>>> commands to the old disk connected in this way
>>> It depends on the chips in the adapters (see hdparm docs). Mine don't
>>> support it, and the only one of them that I can warn you about is the
>>> Seagate desktop expansion drive, the others have no branding.
>> OK thanks - if anyone knows of a specific adapter that *will* work I
>> would like to know - of course having the drive in its internal bay is
>> likely not to work either since many (most?) bioses will freeze the
>> drive from the ata command viewpoint such that it can't be unlocked to
>> pass the secure erase command anyway! So having an external adapter is
>> probably the only way I can easily do it but I do need to know that
>> there is an external adapter that will work. What I was unsure of is
>> whether there is any that would work since I had been told that usb
>> can't do it at all!
>>
>> (I did look at the hdparm man command but did not see the answer to
>> the latter question)
>>
>> Mike
>>
> Well, you could always just perform a mostly secure wipe by just doing
> dd if=/dev/urandom of=/dev/sdc
> several times, so that the bits are overwritten by random data.
>
UCSD had released a paper a few years ago claiming that the
drive's own firmware can do the full erase.
The utility's name was HDDEraseWeb.zip
I do not know if it does or not - they did not release the
source code, which makes it completely untrustworthy.
For a university to release only the executable and not
the source code raises red flags.

You can always resort to these linux tools:
scrub(1), shred(1), wipe(1)

The key is to run the process with a high number of iterations.

If the drive or partitions cannot be erased while booted, then
you can resort to booting from live CD and then run

dd if=/dev/urandom of=/dev/sdX (whatever you target disk X stands for).

will wipe the whole drive. Of course you can choose a partition thereof.

The key is you iterate the above about 10 times.

Start when the disk is cold and has been lying un-powered.

There is a very good reason for this.

I leave it to you to figure that out why


--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 08-19-2010, 07:06 PM
mike cloaked
 
Default Secure erase via IDE to USB adapter - OT

On Thu, Aug 19, 2010 at 7:55 PM, JD <jd1008@gmail.com> wrote:

>> Well, you could always just perform a mostly secure wipe by just doing
>> dd if=/dev/urandom of=/dev/sdc
>> several times, so that the bits are overwritten by random data.

Indeed though there are two issues I thought would arise -
a) This would not deal with HPA partitions unless I was mistaken?
b) It is a lot slower than letting the drive firmware take over and
overwrite all the bits on the disk

> UCSD had released a paper a few years ago claiming that the
> drive's own firmware can do the full erase.
> The utility's name was HDDEraseWeb.zip

I am aware of that but it is a DOS facility as far as I remember and I
don't know if it can over-ride the bios freeze? hdparm is pure linux
and that is why I wanted to go that route...

> I do *not know if it does or not - they did not release the
> source code, which makes it completely untrustworthy.
> For a university to release only the executable and not
> the source code raises red flags.
>
> You can always resort to these linux tools:
> scrub(1), *shred(1), wipe(1)

Yes, though much slower than the internal secure erase in the drive -
and does not deal with HPA partitions (as I mentioned above) ?

>
> The key is to run the process with a high number of iterations.
>
> If the drive or partitions cannot be erased while booted, then
> you can resort to booting from live CD and then run
>
> dd if=/dev/urandom of=/dev/sdX (whatever you target disk X stands for).
>
> will wipe the whole drive. Of course you can choose a partition thereof.
>
> The key is you iterate the above about 10 times.
>
> Start when the disk is cold and has been lying *un-powered.
>
> There is a very good reason for this.
>
> I leave it *to you to figure that out why

OK - I will try and figure that one out!

--
mike c
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 

Thread Tools




All times are GMT. The time now is 12:10 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org