Bug#392480: debian-installer: add support for "cleaning" hard drives
On Wed, Oct 11, 2006 at 03:27:13PM -0700, Matt Taggart wrote:
I would like to see the ability to clean hard disks (by securely overwriting
all blocks) added to debian-installer.
When I reuse a hard disk (or before I get rid of one), before I install I like
to clean all data off the drive by overwriting it. My reasons for doing so are,
1.) There may be sensitive data still on the disk, that if someone compromised
the system or physically obtained the disk (especially in the case of laptops)
they might be able to collect. It is good to start from a known clean state
knowing that only the data you put on the drive is there and you can take
precautions to protect it.
2.) If a system is compromised (either by an attacker, a user error, or a
partial drive failure), any remnants of old data will hinder any forensics
analysis of the drive. If you are starting from a state of known contents (all
the blocks set to a particular pattern or at least random) then you can find
The ability to do this is becoming increasing more important as we are
beginning to see with the problems of large companies/institutions losing
people's personal data and the resulting identity theft and fraud. This could
be a neat feature that Debian introduces first.
If you are concerned with the safety of your personal data being left
from a previous installation, I assume you're also (and even more so)
worried about your personal data being kept safe in the new
If so, I'd assume that you'd do an install to an encrypted
partition...and if you do, debian-installer (or partman-crypto to be
more precise) will already wipe the disk with one round of random data.
That should be sufficient for anything but the worst tin foil hat