A computer components & hardware forum. HardwareBanter

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Home » HardwareBanter forum » General Hardware & Peripherals » Storage & Hardrives
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

DoD Harddrive Secure Erase Wipe



 
 
Thread Tools Display Modes
  #1  
Old April 18th 08, 04:10 AM posted to comp.arch.storage
WebDawg
external usenet poster
 
Posts: 4
Default DoD Harddrive Secure Erase Wipe


I have a few questions and I have been googling for a while.

You mentioned that it is a felony to erase a hard disk wrong. Can you explain further? Where did you get this information from?

Also you mentioned approved software? Does the DOD actually have a list?

For instance if I were to create a program that states it complies to the standards how is anyone to know that it doesnt?

Software like KillDisk, DBAN, and others all have the DOD option. How am I to know that they work?

I have also found out that even software like killdisk sometimes cannot erase a hard drive correctly because of the limitations in the bios due to areas on the hard disk that the computer cannot access itself.

If this is true then is is not a felony to even use certified software(by who?) to erase a hard disk?

Thank You For Your Time And Patience,

WebDawg

+----------------------------------------------------------------------
|This was sent by via Backup Central.
|Forward SPAM to
.
+----------------------------------------------------------------------



  #2  
Old April 18th 08, 02:46 PM posted to comp.arch.storage
Ryk Edelstein
external usenet poster
 
Posts: 1
Default DoD Harddrive Secure Erase Wipe


Felony?? That would be a stretch. Depending on the industry you are in,
it could violate specific laws, or industry dictated privacy
objectives, but not a felony.

The DoD is no longer the Cognizant Security Authority (CSA) for the US
Government. This responsibility has been replaced by the National
Association of Science and Technology (NIST). For proper guidance in
data decommissioning reference their special publication 800-88.
Available for free as a PDF from their web site. Just Google 'NIST
800-88' and you will find it. DoD 5220M is a retired spec, regardless
of what the data overwrite software and hardware vendors want you to
believe. Likewise, overwrite technologies that initiate the overwrite
proces using the drive data interface (an external process) can NOT
effectively remove all traces of user data, recoverable with laboratory
effort.

Due to the nature of current hard drive storage technology, overwrite
technology is no longer considered an effective means to protect
sensitive data.

Please don't just take my word for this, you can easily find academic
proof of this from the University of California's Center for Magnetic
Recording Research in their published works available on line, by
searching for papers by 'Matthew Geiger' at Carnegie Mellon, or in the
Government of Canada publication titled ' Clearing and declassifying
Electronic data storage devices', or the US DoD DSS Letter 'ISL
2007-01'.

If you want to purge data you have 2 choices, use a destructive
technology such as Degaussing, or use a non-destructive approach using
Secure Erase, which is already embedded in your hard drive as part of
the ATA spec. If you want to purge SCSI, your only choice is physical
destruction. Short of that, the only other choice is to clear data by
overwriting. Unlike ATA, when using overwrite technology to process
SCSI devices the external application has better ability to address all
writable sectors on a drive.

If you are looking for best practice, and have a need to decommission
drives often, you might want to consider an appliance based solution
that offers a single point of destruction for all ATA, IDE, Laptop,
SATA, PATA, SCSI and Fiberchannel devices. If you search DeadOnDemand
you will find such an appliance that addresses these needs.


WebDawg;804621 Wrote:
I have a few questions and I have been googling for a while.

You mentioned that it is a felony to erase a hard disk wrong. Can you
explain further? Where did you get this information from?

Also you mentioned approved software? Does the DOD actually have a
list?

For instance if I were to create a program that states it complies to
the standards how is anyone to know that it doesnt?

Software like KillDisk, DBAN, and others all have the DOD option. How
am I to know that they work?

I have also found out that even software like killdisk sometimes cannot
erase a hard drive correctly because of the limitations in the bios due
to areas on the hard disk that the computer cannot access itself.

If this is true then is is not a felony to even use certified
software(by who?) to erase a hard disk?

Thank You For Your Time And Patience,

WebDawg

+----------------------------------------------------------------------
|This was sent by via Backup Central.
|Forward SPAM to
.
+----------------------------------------------------------------------





--
Ryk Edelstein
  #3  
Old April 18th 08, 07:55 PM posted to comp.arch.storage
Cydrome Leader
external usenet poster
 
Posts: 113
Default DoD Harddrive Secure Erase Wipe

Ryk Edelstein wrote:

Felony?? That would be a stretch. Depending on the industry you are in,
it could violate specific laws, or industry dictated privacy
objectives, but not a felony.

The DoD is no longer the Cognizant Security Authority (CSA) for the US
Government. This responsibility has been replaced by the National
Association of Science and Technology (NIST). For proper guidance in
data decommissioning reference their special publication 800-88.
Available for free as a PDF from their web site. Just Google 'NIST
800-88' and you will find it. DoD 5220M is a retired spec, regardless
of what the data overwrite software and hardware vendors want you to
believe. Likewise, overwrite technologies that initiate the overwrite
proces using the drive data interface (an external process) can NOT
effectively remove all traces of user data, recoverable with laboratory
effort.

Due to the nature of current hard drive storage technology, overwrite
technology is no longer considered an effective means to protect
sensitive data.

Please don't just take my word for this, you can easily find academic
proof of this from the University of California's Center for Magnetic
Recording Research in their published works available on line, by
searching for papers by 'Matthew Geiger' at Carnegie Mellon, or in the
Government of Canada publication titled ' Clearing and declassifying
Electronic data storage devices', or the US DoD DSS Letter 'ISL
2007-01'.

If you want to purge data you have 2 choices, use a destructive
technology such as Degaussing, or use a non-destructive approach using
Secure Erase, which is already embedded in your hard drive as part of
the ATA spec. If you want to purge SCSI, your only choice is physical
destruction. Short of that, the only other choice is to clear data by
overwriting. Unlike ATA, when using overwrite technology to process
SCSI devices the external application has better ability to address all
writable sectors on a drive.

If you are looking for best practice, and have a need to decommission
drives often, you might want to consider an appliance based solution
that offers a single point of destruction for all ATA, IDE, Laptop,
SATA, PATA, SCSI and Fiberchannel devices. If you search DeadOnDemand
you will find such an appliance that addresses these needs.


It looks like a hokey appliance.

You can't accidentally mixup shredded and unerased drives and have stuff
slip though by accident, you can with whatever that device is.

Lastly, what's the value on a old used drive in the first place? 12 cents?





  #4  
Old April 18th 08, 10:40 PM posted to comp.arch.storage
the wharf rat
external usenet poster
 
Posts: 34
Default DoD Harddrive Secure Erase Wipe

In article mailman.3.1208491715.19599.comp.arch.storage_back ,

You mentioned that it is a felony to erase a hard disk wrong. Can you
explain further? Where did you get this information from?


Mishandling of classified information is a federal crime.

Also you mentioned approved software? Does the DOD actually have a list?


Yes.


For instance if I were to create a program that states it complies to
the standards how is anyone to know that it doesnt?


They audit them.


Software like KillDisk, DBAN, and others all have the DOD option. How
am I to know that they work?

They're DoD certified.


If this is true then is is not a felony to even use certified
software(by who?) to erase a hard disk?

If you know it failed and improperly dispose of data then you're
likely to get in trouble.

  #5  
Old April 19th 08, 01:43 AM posted to comp.arch.storage
Lon
external usenet poster
 
Posts: 99
Default DoD Harddrive Secure Erase Wipe

the wharf rat wrote:
In article mailman.3.1208491715.19599.comp.arch.storage_back ,
You mentioned that it is a felony to erase a hard disk wrong. Can you
explain further? Where did you get this information from?


Mishandling of classified information is a federal crime.


Unless things have changed, if you have never had a security clearance,
this is far less true than you'd think. Anyone with a current or past
security clearance signs a contract to protect all classified material
no matter what the occasion of encounter. Folks who have never done
this do not have the same contracted standard of behavior.


....and for any given class of data, there are standards for proper
disposal of that data where for some there is no acceptable software
method. Easily available pretty much the same place you got access to
that data in the first place.
  #6  
Old April 19th 08, 03:19 AM posted to comp.arch.storage
Ryk Edelstein[_2_]
external usenet poster
 
Posts: 1
Default DoD Harddrive Secure Erase Wipe


It looks like a hokey appliance.

You can't accidentally mixup shredded and unerased drives and have
stuff
slip though by accident, you can with whatever that device is.

Lastly, what's the value on a old used drive in the first place? 12
cents?



Well, Let's see. It is an appliance,true. But hokey.....Perhaps we should
evaluate this statement..... Let's consider the options. Software is
inadequate to sanitize a drive as there is a hig probability that
artifacts can be recovered post process. Physical Destruction when
conducted properly will provide absolute data loss, but then again, you
will have no drive left. Degaussing is tricky, as the degausser must be
of satisfactory power to achieve coercion of data sectors on the media
surface. With current ultra high density storage, the power necessary to
achieve coercion requires a device capable of 7,000-10,000 oersted of
energy. A device of this sort, would be more than most of our annual
salaries.

Due to the lack of clear guidance and the need for a reliable means to
purge hard drives, Secure Erase had been developed, and is part of the
ATA spec. The problem is, that despite the good intentions behind
creating this technology, the risk of it being exploited by virus or
malware is significant, and many computer and BIOS manufacturers inhibit
the storage interface from issuing the Secure Erase initiation commands
to any storage device connected to the host. Likewise, certain host
controllers inhibit external commands from addressing the Protected
Service areas (PSA) on the drive. These regions include the Host
Protected Area (HPA) where OS image data, and other system diagnostic and
utilities may have been placed by the manufacturer, the Device Control
Overlay (DCO) slack area, which may have additional storage regions
beyond the reported storage limits, and the G-List sectors that may
contain data written to them before being locked and declared bad. Each
of these PSA regions can be host to sensitive data, and should be wiped.


So, considering the limitations due to BIOS or hardware incompatibility
Secure Erase can not be effectively used to purge all platforms in the
field. Hence the reason EDT designed an appliance that is BIOS
independent and is capable of initiating SE on any ATA Spec drive (built
after 2001) processed. Once processed, the appliance issues an adhesive
certificate of destruction that is affixed to the drive. Each device
processed has its serial number logged in an audit log retained in the
appliances flash. As the flash is not accessible through the console, its
integrity is assured. Validation of processed vs non-processed devices is
only a matter of verifying that the serial number on the destruction
certificate matches the serial number on the drive, and both can be
compared against the audit log (which can be exported to an external USB
storage device).

The point you made is excellent, most folks don't consider the potential
for human error. And as such, the potential for human error is the very
reason most decommissioning technologies are not approved beyond the
lower security classification levels. In fact if we consider the
potential for 3rd party loss of unprotected storage devices on route to
physical destruction facilities, or the possibility that a drive
provided to a physical destruction provider did not have its serial
number properly logged due to human error, the risk is huge. At least
with the Dead on Demand technology, there are 2 points of evidence that
the device had been processed.

As for the after market value of a used drive... well the current figure
is presently between 13 -34 cents per Gig. Go figure....

So, is it a hokey appliance, in my opinion it is not, as it provides
public and private sector clients the means to have a portable single
point of destruction that can be shipped from site-to-site, or
department-to-department as evergreen cycles are conducted, or as
equipment is sold or repurposed.

But... please don't take my word for it. Ask any of the clients who are
currently using the appliance as part of their compliance model.




--
Ryk Edelstein
  #7  
Old April 20th 08, 09:21 PM posted to comp.arch.storage
Thor Lancelot Simon
external usenet poster
 
Posts: 18
Default DoD Harddrive Secure Erase Wipe

In article ,
Ryk Edelstein wrote:

Felony?? That would be a stretch. Depending on the industry you are in,
it could violate specific laws, or industry dictated privacy
objectives, but not a felony.


That depends what's on the disk, of course.

--
Thor Lancelot Simon

"The inconsistency is startling, though admittedly, if consistency is to
be abandoned or transcended, there is no problem." - Noam Chomsky
 




Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
DoD Harddrive Secure Erase Wipe oktokie Storage & Hardrives 4 April 29th 08 06:35 PM
DoD Harddrive Secure Erase Wipe oktokie General 2 April 3rd 08 11:40 AM
DoD Harddrive Secure Erase Wipe oktokie Storage (alternative) 0 April 3rd 08 02:38 AM
How to secure erase memory card? MarkW General 2 May 31st 06 03:13 AM
Erase/Wipe disk and heat problem. John . Storage (alternative) 6 October 8th 05 02:23 AM


All times are GMT +1. The time now is 12:38 PM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004-2024 HardwareBanter.
The comments are property of their posters.