What's new
  • ICMag with help from Landrace Warden and The Vault is running a NEW contest in November! You can check it here. Prizes are seeds & forum premium access. Come join in!

DBAN Darik's Boot And Nuke, Data wipe/clearing

M

mrred

Darik's Boot and Nuke ("DBAN") is a self-contained boot disk that securely wipes the hard disks of most computers. DBAN will automatically and completely delete the contents of any hard disk that it can detect, which makes it an appropriate utility for bulk or emergency data destruction.

http://www.dban.org/

At the wipe method screen, Once you got it running, You want to use at least 7 passes of random data, the DoD 5220.22-M I belive is what you want.

Deleteing or Formating only isnt good enough, no matter how many times you do it.
 
dev0n

dev0n

Member
Bulk data destruction yes, but is it fast enough to overwrite a giant hard drive in an emergency situation? Either way that's a good piece of code to have around IMO. If you're using your PC for something profitable that can also get you burned I'd recommend diverting some of those profits for a hard drive degausser. Decent ones are a couple thousand dollars but when seconds count they can't be beat. Make sure they're plugged into a good UPS too in the event somebody decides to cut power before they kick in the door.
 
M

mrred

Or some thermite, blow tourch, You can do how ever many passes if youre in a rush 1 or 2 is better than none..

You could also use programs like analogx supershredder for keeping your pc tidy and a program that writes over the empty space on your harddrive to make sure the files you deleted stay deleted.

You could also partitition your harddrive so its faster to wipe the important stuff.

Everyone should have this program burned to a disc, test that it boots and have it on standby.
 
Z

ZackMorris

Member
My laptop which i bought 5-6 years ago has an option to restore the comp to the way it was the day you bought it by pressing ctrl+f11 at startup. I do it every few months and it works great. Im assuming it wipes everything clean atleast.
 
slackx

slackx

Well-known member
Veteran
ZackMorris said:
My laptop which i bought 5-6 years ago has an option to restore the comp to the way it was the day you bought it by pressing ctrl+f11 at startup. I do it every few months and it works great. Im assuming it wipes everything clean atleast.
Click to expand...

wrong
 
M

mrred

slackx is right, just goto download.com search for data recovery, and find a free program, and youll see how easy it is to recover files.

If you use DBAN, even that ctrl+11 thing at starting will be gone. So youll need a copy of your operating system or system restore cd.
 
Olum

Olum

Member
ZackMorris said:
how about you explain yourself. youre saying this doesnt wipe my computer clean?
Click to expand...

Zack, please don't make assumptions about security!

Whenever you delete or erase something from a hard drive it doesn't actually go away and it can usually be easily recovered by someone who knows what they are doing. Even disk drives pulled out of fires are often able to yield data to the experienced. There are entire companies whose job is data recovery and they make a lot of money doing it.

Normally, when you delete something on your computer it is tagged for overwrite. This means that it is still there but is being shown as if it is empty space on your hard drive. As you put more data onto your computer, it overwrites the so called deleted sectors. The US Department of Defense actually wipes secret classified hard drives seven times before deeming them erased, as the OP alluded to.

Using something like Time Machine on a Mac or any similar program does absolutely nothing to protect your data. Some programs like that don't even attempt to delete old data whatsoever, it's just kept in storage.

It is worth noting than you can build a rather cheap and effective electromagnet that may come in handy in such emergencies if you don't have the dough for an expensive degausser.
 
dev0n

dev0n

Member
mrred said:
Or some thermite, blow tourch, You can do how ever many passes if youre in a rush 1 or 2 is better than none.
Click to expand...

Alright this had me in stitches :) No joke tho, at US Embassies in some more troubled regions their computer drives with the most sensitive data are wired with thermite that melts them to slag in the event the compound is overrun a'la Iran 1979 etc. Sometimes it pays to take a cue from a .gov ...
 
P

patches

Member
Nothing is ever erased on your drives. that is not possible. The data (bits and bytes(1s and 0s)) is simply delinked from their original hexadecimal block address.

DBAN zero-fills the drive over and over. It is useful to zero-fill so many times that the de-linked blocks get so faint because of the rewrites that the data can no longer be retrieved. (Think multiple-exposure of film but with data (1s and 0s))

Depending on how many times you've formatted a disk of say 20 gigs, you yourself could end up pulling terabytes of data from the drive because of the multiple formats worth of gathered data over time. (using various linux software like foremost, scalpel, Magic Rescue, Photorec, recoverjpeg).

Ive used photorec a lot and blow peoples mind to recover their sd cards and the like when they thought their family pictures were gone for ever.
That is unless they used DBAN to zero-fill, then its not gonna be possible to recover, just make sure you go with DoD standard number of passes in DBAN.
 
Olum

Olum

Member
Mmmm, Olum like fire.

Thermite should not be used indoors or places where it may be considered illegal. You might want to check local laws on that. It is dangerous and should be used with care. Having said that, it is possible to make yourself.

http://how2dostuff.blogspot.com/2006/01/how-to-make-thermite.html
http://www.ehow.com/how_2081916_make-thermite.html

It's worth noting that thermite will burn without outside oxygen and that trying to extinguish it with water could have bad consequences. Nothing remotely flammable or able to be melted should be anywhere near it, aside from unwanted hard drives of course. :D
 
Z

ZackMorris

Member
Olum said:
Zack, please don't make assumptions about security!

Whenever you delete or erase something from a hard drive it doesn't actually go away and it can usually be easily recovered by someone who knows what they are doing. Even disk drives pulled out of fires are often able to yield data to the experienced. There are entire companies whose job is data recovery and they make a lot of money doing it.

Normally, when you delete something on your computer it is tagged for overwrite. This means that it is still there but is being shown as if it is empty space on your hard drive. As you put more data onto your computer, it overwrites the so called deleted sectors. The US Department of Defense actually wipes secret classified hard drives seven times before deeming them erased, as the OP alluded to.

Using something like Time Machine on a Mac or any similar program does absolutely nothing to protect your data. Some programs like that don't even attempt to delete old data whatsoever, it's just kept in storage.

It is worth noting than you can build a rather cheap and effective electromagnet that may come in handy in such emergencies if you don't have the dough for an expensive degausser.
Click to expand...

I'll make all the assumptions i want. How about that? And i wasnt talking about regular system restore but a total system restore. Are you familiar with the ctrl+f11 option on dell's? For most of the guys on here who only have smaller grows then this option will probably do the trick. You really think theyre going to send your computer to the fbi lab over a 2k grow? Dont think so. The ctrl+f11 option takes about 30 secs to make happen and if you have pics, emails, contacts info that could incriminate a friend or something it will wipe those (on the service i guess). One of my assumptions was that some folks didnt know this option exist-- I was trying to help,
 
C

cannabi

Member
ZackMorris said:
I'll make all the assumptions i want. How about that? And i wasnt talking about regular system restore but a total system restore. Are you familiar with the ctrl+f11 option on dell's? For most of the guys on here who only have smaller grows then this option will probably do the trick. You really think theyre going to send your computer to the fbi lab over a 2k grow? Dont think so. The ctrl+f11 option takes about 30 secs to make happen and if you have pics, emails, contacts info that could incriminate a friend or something it will wipe those (on the service i guess). One of my assumptions was that some folks didnt know this option exist-- I was trying to help,
Click to expand...

I really hate to say this, but they don't need to send anything over to a lab ZackMorris. They have a USB stick that goes into anyone's computer which contains automated police forensic data recovery tools created by microsoft. All they do is insert that into your PC and they're in---even if you use your system's "automated recovery." That function is to restore your PC to factory condition, it does NOTHING out of the ordinary with regards to data destruction. It just deletes the partition table and installs a new one over it. It literally proclaims, "this disk is empty." And then allows the computer to write anywhere on the disk, but all your original data is still there, and even someone like me can go back 2 even 3 writes prior to the latest thing you've wrote to your hard drive and recover those files without issue. 2k grow is enough to get the USB stick inserted. Hell, 1 plant is enough for that.

You should probably be a lot more careful with regards to computer security :)
 
slackx

slackx

Well-known member
Veteran
ZackMorris said:
how about you explain yourself. youre saying this doesnt wipe my computer clean?
Click to expand...

I can't explain computing to someone over the net, nor will I try. None of those programs really do work, kill disk-- what ever program you may have. The only real way to be protected from federal data restoration teams is too magnetically destroy the layers or physically destroy the hard-disk. their are hard disk defuses that cost large amounts of money, but as someone who use to do data restoration - i can tell you i've seen hard drives catch fire and i was still able to replace parts to get things off it. Clearing a hard drive to 0's with any program is just writing to a different layer. The only thing you can really do to completely assure it is to change the sector size on the hard disk drive.
 
S

sirbudsalot

Member
patches said:
No one not even the feds have been able to get data off a drive that had been wiped with the Gutmann method in DBAN.

This has been proven.
Click to expand...

What makes you think that "the feds" would disclose their data recovery abilities? Think the NSA publishes a list of crypto systems they've compromised? (Answer: nope.)
 
C

cannabi

Member
If you zero out your drives with one pass, your local LEO won't be able to touch the data. There is nothing stopping them from passing your hard drive along to a bigger dog capable of more recovery options, but that depends on how much more evidence against you they think resides on your hard drive(s).

Multiple passes of the zero out procedure will further complicate matters for the feds, but there does exist technology to recover it even after a few passes. Once you do 7-8 passes though, it is pretty much impossible to recover anything from those drives.

As for their ability to break encryption, just assume they can break any encryption you throw at them depending on how much more they think they'd have on you by breaking your encrypted files.
 
P

patches

Member
sirbudsalot said:
What makes you think that "the feds" would disclose their data recovery abilities? Think the NSA publishes a list of crypto systems they've compromised? (Answer: nope.)
Click to expand...

wasnt referring to encryption
Im not sure what they do or dont disclose since Ive never been a fed, I shouldnt have said proven I guess but its widespread industry knowledge, garnered from people that do work for the alphabet agencies at various places where gov - non-gov collusion does exist. I have witnessed that myself.
 
You must log in or register to reply here.

Latest posts

Latest posts

Top