
Re: wipe off hard disk?



on Fri, Apr 05, 2002, fti International (fti@cox.net) wrote:
> As follow-up to my previous posted question.
> I have two more questions for everyone.
> 
> 1.  Does the existing non-linux partition on hard disk affect the linux
>      partition during the installation?

Not during installation.  I've heard reports that WinXP doesn't play
well with GNU/Linux in operation due to different partition geometries
being reported in some instances.  I haven't experienced this myself,
others' experiences appreciated.

> 2.  No matter what the answer for 1 is, is there a way to "wipe off"
>     the hard disk?  I mean to make the hard disk as a new, never-used
>     one?

Depends on how securely you want to delete the data, and how much time
you want to invest in the process:

   # Mark files deleted, but don't actually remove underlying data.
   # Runs in a few minutes, tops, generally.
   $ rm -rf /my/path

   # Destroy filesystem, but don't actually remove underlying data.
   # Runs in a few minutes, tops, generally.
   $ mke2fs /dev/<partition>

   # Destroy partition table via fdisk and repartitioning.  Similar to
   # above.  Complete in < 1 minute.
   $ fdisk /dev/<device>

   # "Zero out" partition, overwriting all data with an ascii NUL
   # character.  This makes data recovery far more expensive (e.g.:
   # time consuming [1]), but not impossible in all instances.  Takes
   # minutes to hours:
   $ dd if=/dev/zero of=/dev/<partition-or-device>

   # Securely delete directory tree, partition, or disk device, in a
   # manner that's economically (and/or physically) impossible to
   # recover.  Takes hours to days depending on storage capacity and
   # system speed.  Both utilities (wipe and shred) are packaged for
   # Debian.
   $ wipe <arguments>
   $ shred <arguments>

My advice:

   - Optionally:  overwrite, delete, zero & wipe selected high-risk
     directories initially.  Do this for content you *have* to make sure
     is deleted.  The goal is to get critical data off your system
     quickly.
     
        # Overwrite each file with arbitrary content, then unlink it:
        $ find <path> -type f -print0 | xargs -0 -n 1 cp -f /etc/profile
        $ find <path> -type f -print0 | xargs -0 rm -f
        # Fill partition with nulls, will fill "slack space" as well.
        # dd stops when the partition is full; then remove the fill file:
        $ dd if=/dev/zero of=<path>/foo
        $ rm -f <path>/foo
        
   - Reformat the disk.
   - Repartition the disk.
   - Zero the disk.
   - Wipe the disk.

...in that order.  From both a time cost and security level perspective
this advances from low to high, meaning that you're providing some level
of security even with initial methods.

The risk associated with the high-security deletion methods is that, if
time-pressed, you can't complete the operation before a system
compromise occurs -- say, the Black Hats are beating down your door.  In
this case, you want to do what you can to make their task difficult.

Alternatively, you could use an encrypted filesystem.  To secure your
data, you'd remove all records of the password, and/or change the
password, effectively removing access to the data.


----------------------------------------
Notes:

1.  Costs tend toward $150-500/hr, typically ~$30,000+ to recover data
    from a disk, via MFM ("magnetic force microscopy"), according to
    research I did on this a year or so back.  Impractical for many
    common purposes, but may be applicable in civil or criminal cases,
    corporate disaster recovery, or national security instances.  Such
    actions are now of questionable legality in light of the DMCA and
    similar US legislation.

-- 
Karsten M. Self <kmself@ix.netcom.com>           http://kmself.home.netcom.com/
 What Part of "Gestalt" don't you understand?
   Support the EFF, they support you:  http://www.eff.org/
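
The "zero the disk" step above with a verification pass, as an added example that is not part of the original message. The function names, the scratch image and its marker string are constructed for illustration; on a real /dev/<partition> it needs root and blockdev(8).

```sh
#!/bin/sh
# Added example (not from the original post): zero a target, then verify it.
# Try it on a scratch image file before pointing it at a real device.

# Size in bytes of a regular file, or of a block device via blockdev(8).
target_size() {
    if [ -b "$1" ]; then
        blockdev --getsize64 "$1"
    else
        wc -c < "$1" | tr -d ' '
    fi
}

# Count bytes that are not NUL. 0 means the zero pass reached every byte.
residual_bytes() {
    tr -d '\000' < "$1" | wc -c | tr -d ' '
}

# Overwrite exactly the target's current size with NULs. Bounding the write
# avoids dd's "No space left on device" error exit at the end of a device
# and stops a regular file from growing; conv=notrunc keeps its length.
zero_target() {
    size=$(target_size "$1") || return 1
    head -c "$size" /dev/zero | dd of="$1" bs=65536 conv=notrunc 2>/dev/null || return 1
    sync
}

# Zero, then report; non-zero exit status if anything survived the pass.
zero_and_verify() {
    zero_target "$1" || return 1
    left=$(residual_bytes "$1")
    echo "$1: $left non-NUL bytes remain"
    [ "$left" -eq 0 ]
}

# Constructed demo: a 1 MiB scratch image with a marker string in the
# middle, standing in for a partition that still holds old data.
make_demo_image() {
    img=$(mktemp) || return 1
    head -c 1048576 /dev/zero > "$img"
    printf 'SECRET-PAYROLL-DATA' | dd of="$img" bs=1 seek=524288 conv=notrunc 2>/dev/null
    echo "$img"
}

img=$(make_demo_image)
echo "before: $(residual_bytes "$img") non-NUL bytes"
zero_and_verify "$img"
rm -f "$img"
```
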
