On 2005-06-06, rbt <[EMAIL PROTECTED]> wrote:

>> Just open the raw disk device (assuming your Unix has such),
>> and start writing data to it. Keep going until the write fails
>> at the end of the media.
>
> Wouldn't /dev/urandom or /dev/random on Linux systems work
> better?

Maybe. Last time I found an article on the subject (should have kept a copy), it suggested certain patterns for the initial passes, and then random data for the last passes. The data is converted into one of several RLL encodings (which encoding depends on the drive). The optimal erase patterns depended on the encoding used, so you have to use several different patterns to cover all the bases.

Googling for "secure disk erase pattern rll encoding"...

Here's a good but somewhat old paper:

  http://www.cypherus.com/resources/docs/shred.htm

and here's a newer one that deals more with secure deletion of individual files:

  http://www.usenix.org/events/sec01/full_papers/bauer/bauer_html/

and finally the US Navy's take on the issue:

  http://www.fas.org/irp/doddir/navy/5239_26.htm

> It's the kernel's built in random number generator. It'd fill
> the drive with random bits of data.

The "really random" device will block when it runs out of entropy. It will probably take the kernel a _long_ time to generate a disk's worth of random data. The pseudo-random device won't block, but the results aren't quite as secure.

> You could loop it too... in fact, I think many of the
> pre-packaged *wipe* programs are mini Linux distros that do
> just this.
>
> dd if=/dev/random of=/dev/your_hard_drive

-- 
Grant Edwards                   grante             Yow!  I always liked FLAG
                                  at               DAY!!
                               visi.com
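
The scheme discussed in this thread (fixed-pattern passes first, random passes last, random data taken from the non-blocking kernel source), as an added Python example that is not part of the original posts or the linked papers. The four pattern bytes, the two random passes and all function names are assumptions made for illustration; the target is sized by seeking to its end rather than by writing until failure, so `demo()` can run against a constructed scratch file instead of a disk.

```python
import os
import tempfile

CHUNK = 1 << 20  # bytes per write call
# Assumed fixed patterns for the early passes; the encoding-specific
# patterns from the cited papers are not reproduced here.
FIXED_PATTERNS = (b"\x00", b"\xff", b"\x55", b"\xaa")


def overwrite_pass(fd, size, pattern=None):
    """One full pass: repeat `pattern`, or use os.urandom when it is None."""
    os.lseek(fd, 0, os.SEEK_SET)
    fixed = pattern * CHUNK if pattern is not None else None
    remaining = size
    while remaining:
        n = min(CHUNK, remaining)
        buf = fixed[:n] if fixed is not None else os.urandom(n)
        remaining -= os.write(fd, buf)  # a short write just loops again
    os.fsync(fd)  # flush this pass before the next one overwrites it


def wipe(path, random_passes=2):
    """Fixed-pattern passes, then random passes. Returns the pass count."""
    fd = os.open(path, os.O_RDWR)
    try:
        size = os.lseek(fd, 0, os.SEEK_END)  # works for files and block devices
        for pattern in FIXED_PATTERNS:
            overwrite_pass(fd, size, pattern)
        for _ in range(random_passes):
            overwrite_pass(fd, size)
        return len(FIXED_PATTERNS) + random_passes
    finally:
        os.close(fd)


def demo():
    """Wipe a constructed scratch file; return (size_before, data_after, passes)."""
    secret = b"constructed sample secret " * 1000
    with tempfile.NamedTemporaryFile(delete=False) as f:
        f.write(secret)
    try:
        passes = wipe(f.name)
        with open(f.name, "rb") as g:
            return len(secret), g.read(), passes
    finally:
        os.unlink(f.name)
```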