Re: DoD Harddrive Secure Erase Wipe

Re: DoD Harddrive Secure Erase Wipe

am 03.04.2008 04:06:08 von roberson

In article <2c114aec-04ba-4579-ae1b-5389bc17cf5b@u10g2000prn.googlegroups.com>,
oktokie wrote:

>I have a project which I need to DoD harddrives for the company. I
>have large raid-scsi enclosure which I can use.

>I've got a question, does anyone have working knowledge of DoD5200.28-
>STD & DoD5200.22-M? I need to know how it's supposed to work, then I
>could just write simple c program to erase drive instead of relying on
>other tools for speed.

As best I understand, there -are- no "simple" programs that do DoD
approved wipes. Multiple passes with random data is not enough:
you have to ensure that you get at all the spared sectors and at
any left-over data clusters that don't happen to fit clusters with
the current sector length. You mentioned RAID, and RAID tends to
use sector lengths a little above 512, so if there was ever a time
when an individual drive was formated for use outside of the RAID,
the left-over clusters could occur (and if you are working to DoD
specs then you had best assume that the drives might have had
different uses before they made it to the present RAID.)

>I need fastest solution available.

Hardware destruction such as triggered thermite, or an
artificial EMP. Oh, and consider only writing encrypted data on
to the RAID in the first place (including only using encrypted
swap.)

If you really *need* DoD level wiping, then you will have a
contact either within your company or within the DoD who will
guide you through the requirements. Counting on anything that *I*
say on the matter could be a serious mistake: after all, I might
work for a foreign government and thus have an interest in ensuring
that your wipe is *not* thorough.

(And as a matter of fact, I do work for a foreign government...)