On 09/08/10 19:36, Wayne Stallwood wrote:
> My understanding was that the multipass method of secure erasing was almost irrelevant now anyway.
This is my understanding too. Which makes one of DBAN's best features pointless!
> I think all the secure erase does over dban is remove sector remapping data from the drive flash and try to overwrite blocks marked as bad (which, due to sector remapping, dban or dd will skip)
It also does this much quicker than DBAN runs, so it's effectively "better" and faster, hence the appeal. On the other hand it's also more of a pain in the **** to get working...
Something often undocumented about ATA Secure Erase is that as well as storage controller firmware sometimes blocking it, a lot of drive firmware will silently abort the command unless an ATA user password has been set on the drive first. So if you are having trouble getting it to work then try that first. Last time I played with it, it took me a while to discover this.
This is all quite well documented in (I think) the hdparm documentation - I'm not in a position to check right now but most sets of instructions for secure erase with hdparm seem to link to it.
> If you really are *that* paranoid how do you know that a "secure erase" command built into the drive firmware is really doing its job and not just hiding the data from you after it is run?
Paranoia is one aspect, but I'm not particularly paranoid.
However, customers like to tick boxes, and the "secure erase" function of the hard drive seems to tick more boxes than DBAN, not least because DBAN goes out of its way not to provide any warranty. It was this aspect that got me looking at secure erase in the first place; realistically the data is not worth anything to anyone and /dev/random (or even /dev/zero) would be sufficient from a strict security point of view.
I did read somewhere about hard drives that encrypt all stored data on the fly using an encryption key stored by the flash; to "wipe" the disk instantly all you need to do is change the encryption key - all the old data becomes inaccessible. I can't find the reference to that now.
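As an added example (not from anyone in this thread), the pre-flight check that avoids the "silently aborted" problem described above: parse the Security section of `hdparm -I` to see whether the drive supports the security feature set, whether the BIOS/controller has left it frozen, and whether a user password is already set, before issuing anything. The `hdparm -I` text below is constructed; `DRIVE` and `PASS` in the suggested commands are placeholders.

```shell
#!/bin/sh
# Decide from `hdparm -I` output whether an ATA Secure Erase can be issued.
# The sample below is constructed (real hdparm output uses tabs; the patterns
# accept any whitespace). On a real machine replace it with: hdparm -I /dev/sdX

SAMPLE_HDPARM_I='/dev/sdX:
Security:
        Master password revision code = 65534
                supported
        not     enabled
        not     locked
                frozen
        not     expired: security count
                supported: enhanced erase
        30min for SECURITY ERASE UNIT. 30min for ENHANCED SECURITY ERASE UNIT.'

# Extract just the Security section from hdparm -I output given on stdin.
security_section() {
    sed -n '/^Security:/,/SECURITY ERASE UNIT/p'
}

# Print one of: unsupported, frozen, password-set, ready.
# "frozen" is the usual reason the drive refuses the erase command after the
# BIOS or controller has locked the security feature set at boot.
secure_erase_state() {
    sec=$(security_section)
    printf '%s\n' "$sec" | grep -q '^[[:space:]]*supported$' || { echo unsupported; return 0; }
    printf '%s\n' "$sec" | grep -q '^[[:space:]]*frozen$'    && { echo frozen; return 0; }
    printf '%s\n' "$sec" | grep -q '^[[:space:]]*enabled$'   && { echo password-set; return 0; }
    echo ready
}

# Print the drive's own time estimate (minutes) for a normal SECURITY ERASE UNIT.
erase_minutes() {
    security_section | sed -n 's/^[[:space:]]*\([0-9][0-9]*\)min for SECURITY ERASE UNIT.*/\1/p'
}

# Suggested hdparm steps for each state; DRIVE and PASS are placeholders.
next_step() {
    case "$1" in
        unsupported)  echo 'No security feature set: fall back to a full overwrite.' ;;
        frozen)       echo 'Security is frozen: suspend/resume or re-plug the drive, then re-check.' ;;
        ready)        echo 'hdparm --user-master u --security-set-pass PASS DRIVE && hdparm --user-master u --security-erase PASS DRIVE' ;;
        password-set) echo 'hdparm --user-master u --security-erase PASS DRIVE' ;;
    esac
}

state=$(printf '%s\n' "$SAMPLE_HDPARM_I" | secure_erase_state)
echo "state: $state (drive estimate: $(printf '%s\n' "$SAMPLE_HDPARM_I" | erase_minutes) min)"
next_step "$state"
```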