• Before a person gives his laptop away and wants to erase all info/data

    From gggg gggg@21:1/5 to All on Fri Sep 29 16:27:21 2023
    Is there a simple command that will wipe out all info/data?

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Phil Hobbs@21:1/5 to gggg gggg on Sat Sep 30 00:30:06 2023
    gggg gggg <ggggg9271@gmail.com> wrote:
    Is there a simple command that will wipe out all info/data?


    Strictly speaking, no, not nowadays.

    Back in the days of magnetic storage, you could boot a Linux live disk,
    find the hard disk in /dev (say /dev/sda), and then go “shred /dev/sda” as root. That would write a random pattern over the whole disk, and then do
    it again another two times.

    Flash drives don’t present all of their contents to the file system, so a determined opponent could recover some of your data even after shredding.

    Most of us don’t have anything that earthshaking on a disk anyway, and don’t have anyone who might want to make that much an effort to recover it, so shred is still an option.

    Cheers

    Phil Hobbs

  • From Jan Panteltje@21:1/5 to ggggg9271@gmail.com on Sat Sep 30 05:27:15 2023
    On a sunny day (Fri, 29 Sep 2023 16:27:21 -0700 (PDT)) it happened gggg gggg <ggggg9271@gmail.com> wrote in <b8fd4d7f-ee53-4f2d-a410-668c94ec5a8en@googlegroups.com>:

    Is there a simple command that will wipe out all info/data?

    In Linux, as root. dd if=/dev/zero of=/dev/sda
    if sda is your harddisk.
    should write zeros on all sectors.
    Works also for USB sticks etc.

  • From John Robertson@21:1/5 to All on Fri Sep 29 22:30:43 2023
  • From Don Y@21:1/5 to Phil Hobbs on Fri Sep 29 22:57:56 2023
    On 9/29/2023 5:30 PM, Phil Hobbs wrote:
    gggg gggg <ggggg9271@gmail.com> wrote:
    Is there a simple command that will wipe out all info/data?

    Strictly speaking, no, not nowadays.

    Actually, not even in recent history -- if you truly want to *wipe*
    the drive... the ENTIRE drive!

    Back in the days of magnetic storage, you could boot a Linux live disk,
    find the hard disk in /dev (say /dev/sda), and then go “shred /dev/sda” as
    root. That would write a random pattern over the whole disk, and then do
    it again another two times.

    That only addresses that partition; there can be multiple.

    And, that also ignores the HPA and DSO -- either or both of
    which can be present on a particular medium.

    We "wipe" thousands of disks each year. And, *contractually*,
    must guarantee that they ARE actually wiped of all donor data.
    Many places that claim to recycle your kit don't provide that
    guarantee; I've watched folks rummaging around on donated
    machines "out of curiosity". Used kit that I *purchase* I
    have no compunction about doing the same as it should have been
    the seller's responsibility to protect what he felt worth
    protecting.

    (I've found tax returns -- corporate and individual -- lists
    of employees WITH THEIR SSNs AND BIRTHDATES, drafts of graduate
    theses, all sorts of "interesting" photos, etc.)

    I built an appliance that wipes disks (60 at a time). It
    resets the DCO and/or HPA (if present), then overwrites the
    entire medium with a series of patterns, based on the agreement
    we have with the donor (some are happy with a simple overwrite
    of constant data, some prefer random data, others want multiple
    passes and/or verification passes -- hence the need for a
    dedicated appliance that can just grind away on disks, all day
    long).

    [This also gives us a way to determine which disks are worth
    reusing; a slow disk or one that throws lots of errors is
    scrap -- so, it may be more expeditious to simply shred it
    NOW instead of waiting for the "wipe" to complete]

    Depending on the pickiness of the donor, even a bad sector
    causes the "wipe" to be considered incomplete. In which case
    the drive is LITERALLY shredded (think of a wood chipper for metal).

    And, a log of each of the "processed" drives is returned to the
    donor -- along with a sworn statement of their (data) destruction.

    Flash drives don’t present all of their contents to the file system, so a determined opponent could recover some of your data even after shredding.

    Also true with SSDs (whether in "disk" form or as M.2's, DOMs, etc.).

    And, the DCO and HPA can intentionally hide information that one might
    not want a knowledgeable adversary to trivially recover.

    (e.g., when building a new system, my appliance creates a hidden
    "restore" partition in the HPA so all of the original contents of
    the disk are there even if you were to overwrite the "exposed"
    partitions, completely. This allows us to limit our "customer
    support" to "Press F9 at the boot prompt to restore your computer
    to its original condition (any new files will be lost)")

    Some disks claim to support the "Secure Erase" ATA option. But,
    there have been reports of this being buggy in some cases. And,
    there is the issue of *issuing* that command (e.g., how do you
    secure erase the "system" disk if the utility to invoke the
    secure erase runs under that OS?).

    Some BIOSs will have a hook to invoke Secure Erase. But, it may
    only work with a particular disk, supplied WITH the machine in
    its original configuration (e.g., if you've updated the disk,
    all bets are off).

    Some manufacturers have free-standing "Secure Erase" utilities...
    but, you may find they only work on "disks" and not on DoMs, etc.
    And, they likely won't work on some OTHER manufacturer's storage
    devices.

    Most of us don’t have anything that earthshaking on a disk anyway, and don’t have anyone who might want to make that much an effort to recover it, so shred is still an option.

    That largely depends on who will be downstream of your "discard".

    Someone purchased an Apple tablet that had been donated to us
    some years ago. The folks who processed the donation didn't know
    how to get at the internal disk so it never visited my "sanitizer".

    A week or so later, we received an irate call from the donor.
    Apparently, the purchaser had TELEPHONED HER asking for the
    password to "her old Apple".

    Ooops!

    In addition to threatening to call the police (what crime was committed?),
    she was likely to contact the local media, which would have seen an
    "easy SENSATIONAL story" just ripe for picking.

    We ended up buying the device back and then filming our *physical*
    destruction of it to reassure the donor that none of her data was
    ever compromised.

    I'm *sure* she wasn't completely mollified...

    Thereafter, any device that folks were uncertain of had to
    be "blessed" by me before being made available for resale.

    I physically destroy SSDs as I can see no RELIABLE way to wipe
    AND VERIFY that they have been "processed". They're just not worth
    trying to reuse/resell, if you have any concern for their contents.
    Ironically, the "better" the SSD (i.e., the more overprovisioned),
    the more of a nuisance!

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
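An added example, not code from the thread or from any poster's appliance: a sketch of the overwrite, verification pass and per-drive log that the post above describes, run here against an image file standing in for a disk. The policy names, function names and sample data are assumptions made for the illustration.

```python
import hashlib
import json
import os
import tempfile

CHUNK = 1 << 20  # 1 MiB per read/write

# Hypothetical policy names; the post only says donors ask for different things.
POLICIES = {
    "constant": (0x00,),
    "random": ("random",),
    "multi": (0xFF, "random", 0x00),
}


def write_pass(fd, size, pattern):
    """Overwrite bytes [0, size); return the SHA-256 of what was sent.

    pattern is an int 0..255 (constant fill) or the string "random".
    """
    sent = hashlib.sha256()
    os.lseek(fd, 0, os.SEEK_SET)
    remaining = size
    while remaining:
        n = min(CHUNK, remaining)
        block = os.urandom(n) if pattern == "random" else bytes([pattern]) * n
        view = memoryview(block)
        while view:                       # os.write may write less than asked
            view = view[os.write(fd, view):]
        sent.update(block)
        remaining -= n
    os.fsync(fd)                          # flush the pass before reading back
    return sent.hexdigest()


def read_pass(fd, size):
    """Read bytes [0, size) back and return their SHA-256.

    Raises OSError on an unreadable sector, EOFError if the target is short.
    On a real block device, open with O_DIRECT or drop the page cache first,
    otherwise the read-back may be answered from RAM instead of the medium.
    """
    seen = hashlib.sha256()
    os.lseek(fd, 0, os.SEEK_SET)
    remaining = size
    while remaining:
        block = os.read(fd, min(CHUNK, remaining))
        if not block:
            raise EOFError(f"short read, {remaining} bytes missing")
        seen.update(block)
        remaining -= len(block)
    return seen.hexdigest()


def wipe_and_verify(path, passes=(0x00,)):
    """Run each pass, verify it, and return a log record for the target.

    Only sectors the device exposes are reached: HPA/DCO areas, remapped
    bad sectors and SSD spare blocks are outside what this can touch.
    """
    log = {"target": path, "passes": [], "result": "wiped"}
    fd = os.open(path, os.O_RDWR)
    try:
        size = log["size_bytes"] = os.lseek(fd, 0, os.SEEK_END)
        for pattern in passes:
            entry = {"pattern": pattern if pattern == "random" else f"0x{pattern:02x}"}
            try:
                entry["sha256"] = write_pass(fd, size, pattern)
                entry["verified"] = read_pass(fd, size) == entry["sha256"]
            except (OSError, EOFError) as exc:
                entry["verified"] = False
                entry["error"] = str(exc)
            log["passes"].append(entry)
            if not entry["verified"]:     # any I/O error or mismatch: not wiped
                log["result"] = "incomplete"
                break
    finally:
        os.close(fd)
    return log


def run_demo(policy="multi"):
    """Wipe a constructed ~3 MiB image and report whether the marker survived."""
    marker = b"CONSTRUCTED-DONOR-RECORD"  # constructed sample data
    with tempfile.NamedTemporaryFile(delete=False) as img:
        img.write((marker + b"\n") * (3 * CHUNK // (len(marker) + 1)))
        path = img.name
    try:
        log = wipe_and_verify(path, POLICIES[policy])
        with open(path, "rb") as f:
            leftover = marker in f.read()
    finally:
        os.unlink(path)
    return log, leftover


if __name__ == "__main__":
    print(json.dumps(run_demo()[0], indent=2))
```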
  • From Don Y@21:1/5 to Don Y on Fri Sep 29 23:24:35 2023
    On 9/29/2023 10:57 PM, Don Y wrote:
    And, that also ignores the HPA and DSO -- either or both of
    which can be present on a particular medium.

    Ugh! s.b. DCO.

  • From Martin Brown@21:1/5 to gggg gggg on Sat Sep 30 11:51:52 2023
    On 30/09/2023 00:27, gggg gggg wrote:
    Is there a simple command that will wipe out all info/data?

    There are various tools that will fill the disk with random data several
    times over. That won't quite work against a forensic specialist if the
    data was valuable but should be good enough for all practical purposes.

    They tend to be called something like shred. This advice looks OK

    https://uk.crucial.com/articles/pc-builders/how-to-wipe-a-hard-drive

    SSDs present a bit more of a challenge: there can be orphaned blocks
    with faults that contain your data frozen and inaccessible by normal
    means but which could be retrieved by a forensic specialist with the appropriate tools (basically hidden in bad blocks or by wear levelling).

    --
    Martin Brown

  • From Don Y@21:1/5 to Martin Brown on Sat Sep 30 04:40:06 2023
    On 9/30/2023 3:51 AM, Martin Brown wrote:
    On 30/09/2023 00:27, gggg gggg wrote:
    Is there a simple command that will wipe out all info/data?

    There are various tools that will fill the disk with random data several times
    over. That won't quite work against a forensic specialist if the data was valuable but should be good enough for all practical purposes.

    It's actually possible to get "residual data" from SSDs (and,
    likely, rust). We think of magnetic/electrical domains as
    binary things but they really are analog and can be probed
    to reveal more of their history.

    For the skeptics:
    <https://www.usenix.org/system/files/sec20_slides_hasan.pdf>

    And, of course, "broken" drives (of any type) are relatively easy
    to snoop.

    They tend to be called something like shred. This advice looks OK

    https://uk.crucial.com/articles/pc-builders/how-to-wipe-a-hard-drive

    SSDs present a bit more of a challenge: there can be orphaned blocks with faults that contain your data frozen and inaccessible by normal means but which
    could be retrieved by a forensic specialist with the appropriate tools (basically hidden in bad blocks or by wear levelling).

    The same is true with spinning rust; you don't know *when* a sector
    was marked as bad so you don't know what it might "partially" contain.

    For picky customers, the presence of *any* bad blocks on a drive
    at the beginning (or end!) of our "sanitizing" procedure requires
    the drive to be physically destroyed -- because there is no way
    for us to coax the drive to scribble on/over that "bad" sector, to
    obfuscate its contents.

    [Disks are cheap. If you have concerns over your data being exposed,
    they are considerably cheaper than the cost of potentially losing
    control over that data!]

  • From Fred Bloggs@21:1/5 to gggg gggg on Sat Sep 30 08:59:46 2023
    On Friday, September 29, 2023 at 7:27:27 PM UTC-4, gggg gggg wrote:
    Is there a simple command that will wipe out all info/data?

    There are powerful degaussers made for this purpose. You need to find a business that offers this as a service.

    https://www.pitneybowes.com/in/shipping-and-mailing/degaussers.html

    That very highly credentialed device won't be cheap.

    Or maybe someone on SED has a DIY project for same. Jan?

  • From whit3rd@21:1/5 to gggg gggg on Sat Sep 30 18:13:06 2023
    On Friday, September 29, 2023 at 4:27:27 PM UTC-7, gggg gggg wrote:
    Is there a simple command that will wipe out all info/data?

    Yes, but it'll cost ya. There are disk drives that secure the data by encrypting on-the-fly all the time, and decrypt on-the-fly so it all
    happens transparently. They're 'enterprise' models, sometimes
    with odd (SAS, fibre channel, whatever-it-is-this-decade) connection requirements.

    Those drives store an internal key that can be overwritten when you want
    to lose the data. Even 'bad blocks' are encrypted, so the loss of the
    key makes every bit of the data on the drive into... semi-random bits.

  • From whit3rd@21:1/5 to gggg gggg on Sat Sep 30 18:40:41 2023
    On Friday, September 29, 2023 at 4:27:27 PM UTC-7, gggg gggg wrote:
    Is there a simple command that will wipe out all info/data?

    Absolutely all data is hard because the hard drive may have blocks set aside that
    are 'bad' but not empty, which aren't addressable with normal read/write commands.

    For a MacBook, you can wipe out your personal data by making a new user account, giving it admin privileges, and using it to delete your user account. When the deed is done, the user folder is accessible for 'secure delete'
    with the privileges of the new user.

    A cloud copy can exist, for some items, of course. Chasing THAT data down is more confusing.

  • From Jan Panteltje@21:1/5 to whit3rd@gmail.com on Sun Oct 1 05:59:58 2023
    On a sunny day (Sat, 30 Sep 2023 18:13:06 -0700 (PDT)) it happened whit3rd <whit3rd@gmail.com> wrote in <58394583-8e8d-4452-b8a3-c5bac1dba4bcn@googlegroups.com>:

    On Friday, September 29, 2023 at 4:27:27 PM UTC-7, gggg gggg wrote:
    Is there a simple command that will wipe out all info/data?

    Yes, but it'll cost ya. There are disk drives that secure the data by encrypting on-the-fly all the time, and decrypt on-the-fly so it all
    happens transparently. They're 'enterprise' models, sometimes
    with odd (SAS, fibre channel, whatever-it-is-this-decade) connection requirements.

    Those drives store an internal key that can be overwritten when you want
    to lose the data. Even 'bad blocks' are encrypted, so the loss of the
    key makes every bit of the data on the drive into... semi-random bits.

    I have read once that -- maybe it was on floppies and perhaps hard discs -- you could read deleted data sometimes by changing track position a bit outside the newly
    erased track as those areas could still be magnetized with the old data.
    But high tech places like government labs likely have more ways.
    As they already know almost everything about me, it makes no difference
    that bomb under the white house they likely found out about that too.
    So dd if=/dev/zero of=/dev/sda
    is good enough for humans, like if hufter buythen had just done that,
    then that repair shop would not have exposed his commi-nukations.

  • From John Larkin@21:1/5 to All on Sun Oct 1 07:24:15 2023
    On Sat, 30 Sep 2023 18:13:06 -0700 (PDT), whit3rd <whit3rd@gmail.com>
    wrote:

    On Friday, September 29, 2023 at 4:27:27 PM UTC-7, gggg gggg wrote:
    Is there a simple command that will wipe out all info/data?

    Yes, but it'll cost ya. There are disk drives that secure the data by encrypting on-the-fly all the time, and decrypt on-the-fly so it all
    happens transparently. They're 'enterprise' models, sometimes
    with odd (SAS, fibre channel, whatever-it-is-this-decade) connection requirements.

    Those drives store an internal key that can be overwritten when you want
    to lose the data. Even 'bad blocks' are encrypted, so the loss of the
    key makes every bit of the data on the drive into... semi-random bits.

    Just delete the embarrassing stuff and write a giant random file until
    the drive is full. Nobody but maybe the CIA has a chance to recover
    anything after that.

  • From Don Y@21:1/5 to All on Sun Oct 1 13:22:04 2023
    On 9/30/2023 6:40 PM, whit3rd wrote:
    On Friday, September 29, 2023 at 4:27:27 PM UTC-7, gggg gggg wrote:
    Is there a simple command that will wipe out all info/data?

    Absolutely all data is hard because the hard drive may have blocks set aside that
    are 'bad' but not empty, which aren't addressable with normal read/write commands.

    On SCSI drives, one can reset the GDT and, as the PDT existed before
    you started to populate the drive, it shouldn't be of concern.
    With the GDT reset, I suspect even a casual adversary could coax the
    drive to reveal the contents of those sectors (possibly with the
    assistance of some thermal "enhancement")

    For a MacBook, you can wipe out your personal data by making a new user account, giving it admin privileges, and using it to delete your user account.
    When the deed is done, the user folder is accessible for 'secure delete'
    with the privileges of the new user.

    Are you sure it (any of its apps) never create temporary files
    elsewhere, that reveal portions of the originals' contents?

    A cloud copy can exist, for some items, of course. Chasing THAT data down is
    more confusing.

    A "paging/swap" file can also have copies of some or all of the
    data in question. How long it survives, there, depends on the
    paging policy and how much activity the VMM sees.

  • From whit3rd@21:1/5 to Don Y on Sun Oct 1 20:32:22 2023
    On Sunday, October 1, 2023 at 1:22:15 PM UTC-7, Don Y wrote:
    On 9/30/2023 6:40 PM, whit3rd wrote:
    On Friday, September 29, 2023 at 4:27:27 PM UTC-7, gggg gggg wrote:
    Is there a simple command that will wipe out all info/data?

    Absolutely all data is hard because the hard drive may have blocks set aside that
    are 'bad' but not empty, which aren't addressable with normal read/write commands.
    On SCSI drives, one can reset the GDT and, as the PDT existed before
    you started to populate the drive, it shouldn't be of concern.
    With the GDT reset, I suspect even a casual adversary could coax the
    drive to reveal the contents of those sectors (possibly with the
    assistance of some thermal "enhancement")
    For a MacBook, you can wipe out your personal data by making a new user account, giving it admin privileges, and using it to delete your user account.
    When the deed is done, the user folder is accessible for 'secure delete' with the privileges of the new user.
    Are you sure it (any of its apps) never create temporary files
    elsewhere, that reveal portions of the originals' contents?

    The 'elsewhere' question is... no, not generally going to be allowed, even
    for a privileged user, to stray outside the user folder. That's irritating, because only the
    'shared' folder is allowable for multiuser read/write items, unless you use
    the terminal window and SUDO everything...

    A cloud copy can exist, for some items, of course. Chasing THAT data down is
    more confusing.

    A "paging/swap" file can also have copies of some or all of the
    data in question. How long it survives, there, depends on the
    paging policy and how much activity the VMM sees.

    Well, portions of anything in RAM can be swapped out on any OS
    that uses virtual memory. It isn't coherent files with organized info, though, and gets overwritten so only recent activity ought to leave traces. There's a journaling system that ought to keep that kind of data corralled even through hard shutdowns, but I can't say how often one REALLY erases anything on SSD
    media, because the OS has the load-leveling thing to worry about.

    If any disk drive has to be shredded, a small one dedicated to swap operations would be
    the candidate.

  • From Don Y@21:1/5 to All on Sun Oct 1 22:52:43 2023
    On 10/1/2023 8:32 PM, whit3rd wrote:
    On Sunday, October 1, 2023 at 1:22:15 PM UTC-7, Don Y wrote:
    On 9/30/2023 6:40 PM, whit3rd wrote:
    On Friday, September 29, 2023 at 4:27:27 PM UTC-7, gggg gggg wrote:
    Is there a simple command that will wipe out all info/data?

    Absolutely all data is hard because the hard drive may have blocks set aside that
    are 'bad' but not empty, which aren't addressable with normal read/write commands.
    On SCSI drives, one can reset the GDT and, as the PDT existed before
    you started to populate the drive, it shouldn't be of concern.
    With the GDT reset, I suspect even a casual adversary could coax the
    drive to reveal the contents of those sectors (possibly with the
    assistance of some thermal "enhancement")
    For a MacBook, you can wipe out your personal data by making a new user
    account, giving it admin privileges, and using it to delete your user account.
    When the deed is done, the user folder is accessible for 'secure delete' with the privileges of the new user.
    Are you sure it (any of its apps) never create temporary files
    elsewhere, that reveal portions of the originals' contents?

    The 'elsewhere' question is... no, not generally going to be allowed, even for a privileged user, to stray outside the user folder. That's irritating, because only the
    'shared' folder is allowable for multiuser read/write items, unless you use the terminal window and SUDO everything...

    No notion of a "tmp" filesystem?

    A cloud copy can exist, for some items, of course. Chasing THAT data down is
    more confusing.

    A "paging/swap" file can also have copies of some or all of the
    data in question. How long it survives, there, depends on the
    paging policy and how much activity the VMM sees.

    Well, portions of anything in RAM can be swapped out on any OS
    that uses virtual memory.

    Of course. So, either live without swap (have gobs of physical
    memory -- I have 144G on my workstations) or plan on wiping it,
    as well. That usually requires some level of "privilege", though.

    It isn't coherent files with organized info,

    That depends on what happens to be in RAM when those pages
    get swapped out. E.g., if editing a document, spreadsheet,
    etc. it's likely that page-sized, contiguous chunks will
    exist in swap. And, if you can take a snapshot of that image
    (i.e., by stopping the processor/system), then it's trivial to
    grep the data looking for common patterns. Much like
    strings(1) helps find bits of text amidst executable code.

    [E.g., a SSN has a distinctive format -- as do (birth)dates,
    phone numbers, monetary amounts, bank routing numbers, etc.]

    though, and gets overwritten so only recent activity ought to leave traces. There's a journaling system that ought to keep that kind of data corralled even
    through hard shutdowns, but I can't say how often one REALLY erases anything on SSD
    media, because the OS has the load-leveling thing to worry about.

    I can't see any *reliable*, robust strategy for sanitizing SSDs
    (or any other solid state equivalent) -- unless you have access to
    the FTL. And, given how buggy "the big guys" have been in THEIR implementations (slow learners?), it's hard to imagine anyone
    else being much more proficient.

    If any disk drive has to be shredded, a small one dedicated to swap operations would be
    the candidate.

    The problem is that the file store, OS, etc. are all reasonably opaque;
    their contractual guarantees only indicate that the data will persist...
    they don't disclose WHERE it might travel along the way! And, people tend
    to *assume* that whatever the OS does solves the access problem EVEN WHEN
    THE OS ISN'T RUNNING! (oops)

    In my current product, my "persistent store" is implemented as an RDBMS.
    All temporary tables (e.g., "query results") manifest in a tablespace
    that is backed by RAM to minimize the chance of data leaking to an
    adversary (assuming the RDBMS is robust in its own storage mechanisms).

    If you want to dispose of old media, repurpose it in something else
    OF YOUR OWN so you still retain it (i.e., defer the issue of dealing with
    the data). And, if you can defer it long enough, then the value of
    the *media* will be so insignificant that you can afford to just destroy it.

    [How big is the disk in a laptop likely to be when you've decided that
    it (the drive) can be discarded?]

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
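An added example, not code from the thread: the post above notes that swap holds page-sized chunks that can be searched for distinctively formatted data, and the same search works as a pre-disposal audit of your own swap file or of a disk image after a wipe. The three patterns, the `MARGIN` constant, the function names and the sample image are constructed assumptions; the scan reports offsets and pattern kinds only, and handles hits that straddle a read boundary.

```python
import os
import re
import tempfile

MARGIN = 32  # bytes of context kept around a read boundary; longer than any
             # match below plus the one byte each lookaround inspects

# Byte-level patterns for the formats the post names (illustrative, US-style).
PATTERNS = {
    "ssn": re.compile(rb"(?<!\d)\d{3}-\d{2}-\d{4}(?!\d)"),
    "date": re.compile(rb"(?<!\d)\d{1,2}/\d{1,2}/(?:19|20)\d{2}(?!\d)"),
    "phone": re.compile(rb"(?<!\d)\(\d{3}\) ?\d{3}-\d{4}(?!\d)"),
}


def scan_image(path, chunk=1 << 20):
    """Return sorted (offset, kind) pairs for every pattern hit in the image."""
    if chunk < 2 * MARGIN:
        raise ValueError("chunk must be at least 2 * MARGIN")
    hits = []
    buf, base, lo = b"", 0, 0          # base = file offset of buf[0]
    with open(path, "rb") as f:
        while True:
            data = f.read(chunk)
            last = not data
            buf += data
            # A hit starting in the final MARGIN bytes is deferred to the next
            # round, when the rest of it and its trailing context are loaded.
            hi = len(buf) if last else len(buf) - MARGIN
            for kind, rx in PATTERNS.items():
                for m in rx.finditer(buf):
                    if lo <= m.start() < hi:
                        hits.append((base + m.start(), kind))
            if last:
                break
            # Carry 2*MARGIN bytes: MARGIN of already-judged left context
            # plus the MARGIN bytes whose hits were deferred.
            keep = min(len(buf), 2 * MARGIN)
            base += len(buf) - keep
            buf = buf[-keep:]
            lo = keep - MARGIN
    return sorted(hits)


def build_sample_image(path, size=3 * 4096):
    """Write a constructed, mostly zeroed image with a few planted residues."""
    img = bytearray(size)
    planted = {
        100: b"DOB 01/02/1999",        # date starts at offset 104
        4090: b"000-12-3456",          # SSN-shaped, straddles offset 4096
        8185: b"9000-12-34567",        # near miss: extra digits on both sides
        size - 14: b"(555) 010-0199",  # phone-shaped, ends exactly at EOF
    }
    for offset, value in planted.items():
        img[offset:offset + len(value)] = value
    with open(path, "wb") as f:
        f.write(img)


def audit_sample(chunk=1 << 20):
    """Build the sample image in a temp file, scan it, and clean up."""
    fd, path = tempfile.mkstemp()
    os.close(fd)
    try:
        build_sample_image(path)
        return scan_image(path, chunk)
    finally:
        os.unlink(path)


if __name__ == "__main__":
    for offset, kind in audit_sample(4096):
        print(f"{offset:>8}  {kind}")
```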
  • From Don Y@21:1/5 to Don Y on Mon Oct 2 00:28:43 2023
    On 10/1/2023 10:52 PM, Don Y wrote:
    I can't see any *reliable*, robust strategy for sanitizing SSDs
    (or any other solid state equivalent) -- unless you have access to
    the FTL.  And, given how buggy "the big guys" have been in THEIR implementations (slow learners?), it's hard to imagine anyone
    else being much more proficient.

    <https://www.stellarinfo.com/blog/sandisk-ssd-40000-hour-death-bug-2022/>

    <https://arstechnica.com/gadgets/2023/05/sandisk-extreme-ssds-keep-abruptly-failing-firmware-fix-for-only-some-promised/>

    <https://www.hpe.com/us/en/services/sas-ssd-advisory.html>

    <https://www.tomshardware.com/news/samsung-980-pro-ssd-failures-firmware-update>

    <https://www.reddit.com/r/unRAID/comments/110jpt2/warning_crucial_mx500_ssd_firmware_bug_can/?rdt=63988>

    Can you spell "not-ready-for-primetime"?

  • From Martin Brown@21:1/5 to John Larkin on Mon Oct 2 09:27:54 2023
    On 01/10/2023 15:24, John Larkin wrote:
    On Sat, 30 Sep 2023 18:13:06 -0700 (PDT), whit3rd <whit3rd@gmail.com>
    wrote:

    On Friday, September 29, 2023 at 4:27:27 PM UTC-7, gggg gggg wrote:
    Is there a simple command that will wipe out all info/data?

    Yes, but it'll cost ya. There are disk drives that secure the data by
    encrypting on-the-fly all the time, and decrypt on-the-fly so it all
    happens transparently. They're 'enterprise' models, sometimes
    with odd (SAS, fibre channel, whatever-it-is-this-decade) connection
    requirements.

    Those drives store an internal key that can be overwritten when you want
    to lose the data. Even 'bad blocks' are encrypted, so the loss of the
    key makes every bit of the data on the drive into... semi-random bits.

    Just delete the embarrassing stuff and write a giant random file until
    the drive is full. Nobody but maybe the CIA has a chance to recover
    anything after that.

    That is about what the standard zappers do except that you have to do it
    two or three times over to weaken residual signals. It depends what
    technical level of adversary you expect to be going up against.

    Most times what you suggest will be good enough. Although you could be
    unlucky and find your entire password file in plaintext sat inside a bad
    block (if you were daft enough to store it that way).

    --
    Martin Brown

  • From Don Y@21:1/5 to Martin Brown on Mon Oct 2 03:16:05 2023
    On 10/2/2023 1:27 AM, Martin Brown wrote:
    That is about what the standard zappers do except that you have to do it two or
    three times over to weaken residual signals. It depends what technical level of
    adversary you expect to be going up against.

    Writing a file implies you have a file SYSTEM.

    A file system has metadata that is typically not stored in the file
    itself. So, a record of the (deleted) files still exists.

    You're in correspondence with a "J.Epstein". Your MUA has thoughtfully
    created a J.Epstein folder for your email exchanges. Fearing you may be implicated in some of J.Epstein's nefarious activities, you delete
    all of the messages archived, there, overwriting the blocks that they
    used with multiple passes of "random" data. AND, the folder itself.

    But, the fact that a "J.Epstein" folder *existed* is still preserved in the file system's metadata.

    How much do you know about ALL of the applications that you use?
    What if you want to remove all traces of some application from
    your system; can you do so? (remember, any folders/subdirectories
    that it created must be scrubbed ALONG WITH THE REFERENCES *to* THEM!)

    Is any record of the websites you visit persistent in the system,
    perhaps in a place that you can't access (or aren't aware of)?

    Is there a record of the hosts that have connected to your system?
    What else might that record contain? What value having a list of
    hostnames (presumably on your subnet)?

    If O.BinLaden had a login on your machine, could you remove all
    traces of that? Do you know where those crumbs might reside??
    Is there value in knowing that "O.BinLaden" was (or is) a valid userID?

    You *know* that Windows stores an identifier of each hardware device
    that it has ever encountered (in the Registry). So, could a thumb drive containing "something bad" found SOMEWHERE ELSE be tied to you? How will
    you ensure there is no record of that thumb drive having visited your
    computer?

    Unless you can qualify what you consider to be "important data",
    you likely have little chance of purging it -- without overwriting
    the ENTIRE medium. Chances are, there are more things that leave
    crumbs than you can imagine.

    Most times what you suggest will be good enough. Although you could be unlucky
    and find your entire password file in plaintext sat inside a bad block (if you
    were daft enough to store it that way).

    Or, a record of your login ID for an ecommerce website. Even if there is
    no password stored, knowing your account name/number can be valuable
    to someone. Knowing that SomeEmailAddress@SomeDomain is a VALID email
    address has value to someone who wants to spam it (as there is no other
    way of knowing if an email address is valid in the absence of bounces)

    [This is why phone spammers want you to "press one to opt out"...
    it gives a positive confirmation that their message reached human
    ears. So, *another* -- and another -- message will likely also reach
    those ears! After all, that is their goal!]

  • From a a@21:1/5 to whit3rd@gmail.com on Mon Oct 2 18:02:56 2023
    XPost: free.spam

    The idiot whit3rd <whit3rd@gmail.com> persisting in being an Off-topic troll...

    --
    whit3rd <whit3rd@gmail.com> wrote:

  • From Jan Panteltje@21:1/5 to blockedofcourse@foo.invalid on Tue Oct 3 05:42:59 2023
    On a sunny day (Mon, 2 Oct 2023 03:16:05 -0700) it happened Don Y <blockedofcourse@foo.invalid> wrote in <ufe598$2t0bb$3@dont-email.me>:

    On 10/2/2023 1:27 AM, Martin Brown wrote:
    That is about what the standard zappers do except that you have to do it two or
    three times over to weaken residual signals. It depends what technical level of
    adversary you expect to be going up against.

    Writing a file implies you have a file SYSTEM.

    Depends, I use sequential sector based records for, for example, location and altitude in my drone SDcard.
    Faster, simpler, better.
    https://panteltje.nl/panteltje/quadcopter/index.html


    A file system has metadata that is typically not stored in the file
    itself. So, a record of the (deleted) files still exists.

    A file system is not always needed, especially if you only have a
    lot of the same data records sequential in time.
    And if I wanted to encrypt something and store it I am free to put it anywhere in FLASH.

    But OK for Linux and widblows users ....

  • From a a@21:1/5 to Jan Panteltje on Tue Oct 3 12:16:15 2023
    XPost: free.spam

    The arsehole Jan Panteltje <alien@comet.invalid> persisting in being an Off-topic troll...

    --
    Jan Panteltje <alien@comet.invalid> wrote:

  • From Jasen Betts@21:1/5 to whit3rd@gmail.com on Fri Oct 6 04:33:30 2023
    On 2023-10-01, whit3rd <whit3rd@gmail.com> wrote:
    On Friday, September 29, 2023 at 4:27:27 PM UTC-7, gggg gggg wrote:
    Is there a simple command that will wipe out all info/data?

    Yes, but it'll cost ya. There are disk drives that secure the data by encrypting on-the-fly all the time, and decrypt on-the-fly so it all
    happens transparently. They're 'enterprise' models, sometimes
    with odd (SAS, fibre channel, whatever-it-is-this-decade) connection requirements.

    Those drives store an internal key that can be overwritten when you want
    to lose the data. Even 'bad blocks' are encrypted, so the loss of the
    key makes every bit of the data on the drive into... semi-random bits.

    These drives will show a time of 2 minutes for SATA secure erase

    "2min for SECURITY ERASE UNIT"

    This is for most server drives and many desktop drives, also some USB hard drives.

    (in practice it takes closer to 2 seconds, but it's an integer field (byte?) and
    the measuring unit is 2 minutes)

    --
    Jasen.
    🇺🇦 Слава Україні
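
An added example, not part of any post in this thread: the "2min for SECURITY ERASE UNIT" line quoted above comes from the Security section of `hdparm -I` output, and the flags beside it decide whether an erase can be issued at all. The function names, the constructed sample text and the 200 MB/s write rate are assumptions made for this sketch.

```shell
#!/bin/sh
# Constructed sample of the "Security:" section that `hdparm -I <device>` prints
# (illustrative text, not captured from a real drive).
sample_identify() {
cat <<'EOF'
Security:
    Master password revision code = 65534
        supported
    not enabled
    not locked
    not frozen
    not expired: security count
        supported: enhanced erase
    2min for SECURITY ERASE UNIT. 2min for ENHANCED SECURITY ERASE UNIT.
EOF
}

# Read `hdparm -I` text on stdin; print one verdict:
#   unsupported | frozen | locked | ready normal=<N>min enhanced=<N>min|none
erase_readiness() {
  awk '
    /^Security:/       { insec = 1; next }
    insec && /^[^ \t]/ { insec = 0 }   # an unindented heading ends the section
    !insec             { next }
    { flag = $0; sub(/^[ \t]+/, "", flag)
      neg = (flag ~ /^not[ \t]/); sub(/^not[ \t]+/, "", flag) }
    flag == "supported" { supported = !neg }
    flag == "locked"    { locked = !neg }
    flag == "frozen"    { frozen = !neg }
    /SECURITY ERASE UNIT/ {
      n = split(flag, part, /\. */)
      for (i = 1; i <= n; i++) {
        if (part[i] ~ /ENHANCED SECURITY ERASE UNIT/) enh = part[i] + 0
        else if (part[i] ~ /SECURITY ERASE UNIT/)     norm = part[i] + 0
      }
    }
    END {
      if (!supported)  print "unsupported"
      else if (frozen) print "frozen"
      else if (locked) print "locked"
      else printf "ready normal=%dmin enhanced=%s\n", norm, (enh ? enh "min" : "none")
    }'
}

# Rough check (assumes ~200 MB/s sustained writes): could the reported estimate
# cover a full overwrite of a drive of this size? "no" points to a key discard.
overwrite_plausible() {   # $1 = reported minutes, $2 = capacity in GB
  need=$(( $2 * 1000 / 200 / 60 ))
  if [ "$1" -ge "$need" ]; then echo yes; else echo no; fi
}

sample_identify | erase_readiness
```

On a real machine the input would be `hdparm -I /dev/sdX` run as root; a "frozen" verdict means the drive will reject security commands until its state is reset, typically by a power cycle or suspend/resume.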

  • From Don Y@21:1/5 to All on Fri Oct 6 02:32:39 2023
    On 9/30/2023 6:13 PM, whit3rd wrote:
    On Friday, September 29, 2023 at 4:27:27 PM UTC-7, gggg gggg wrote:
    Is there a simple command that will wipe out all info/data?

    Yes, but it'll cost ya. There are disk drives that secure the data by encrypting on-the-fly all the time, and decrypt on-the-fly so it all
    happens transparently. They're 'enterprise' models, sometimes
    with odd (SAS, fibre channel, whatever-it-is-this-decade) connection requirements.

    Those drives store an internal key that can be overwritten when you want
    to lose the data. Even 'bad blocks' are encrypted, so the loss of the
    key makes every bit of the data on the drive into... semi-random bits.

    I don't know of exploits to recover the data after the keys are "wiped"
    but suspect such an exploit DOES exist. And, given that the "erasure"
    is only accomplished at the gateway to the device (i.e., all of the
    encrypted data STILL resides on the device), wouldn't count on that
    as a viable way to protect sensitive data:

    <https://kb.cert.org/vuls/id/395981/>
    <https://www.dell.com/support/kbdoc/en-us/000130689/self-encrypting-drives-vulnerabilities-cve-2018-12037-and-cve-2018-12038-mitigation-steps-for-dell-encryption-products>
    <https://arstechnica.com/gadgets/2021/08/how-to-go-from-stolen-pc-to-network-intrusion-in-30-minutes/>

    (Note that software-based approaches have already been shown to be vulnerable)

    Think REALLY hard before letting media that contains/contained "important"
    data leave your physical control. Encryption in communications is a
    different beast, entirely; the data likely has temporal sensitivity
    AND the keys can be changed, dynamically. Not so for large blocks of
    largely static data!

  • From a a@21:1/5 to Jasen Betts on Fri Oct 6 16:04:34 2023
    XPost: free.spam

    The idiot Jasen Betts <usenet@revmaps.no-ip.org> persisting in being an Off-topic troll...

    --
    Jasen Betts <usenet@revmaps.no-ip.org> wrote:

  • From a a@21:1/5 to Don Y on Fri Oct 6 16:04:40 2023
    XPost: free.spam

    The arsehole Don Y <blockedofcourse@foo.invalid> persisting in being an Off-topic troll...

    --
    Don Y <blockedofcourse@foo.invalid> wrote:

  • From a a@21:1/5 to a a on Fri Oct 6 09:45:03 2023
    On Friday, 6 October 2023 at 18:04:50 UTC+2, a a wrote:
    The arsehole Don Y <blocked...@foo.invalid> persisting in being an Off-topic troll...

    --
    Don Y <blocked...@foo.invalid> wrote:


    don't be silly

    Laptops by Dell come with OS installed in the BIOS,
    supported by LoJack remote access functionality
    so you can do nothing
    to wipe out or erase the BIOS

  • From a a@21:1/5 to All on Fri Oct 6 16:45:17 2023


    Yet one more #veryStupidByLowIQaa post.
