[CentOS] help fdisk and dd
John R Pierce
pierce at hogranch.com
Thu Mar 4 19:40:39 UTC 2010
m.roth at 5-cent.us wrote:
> That may be the case, but the laws and regulations still want that level
> of security, due to the regular "one of our people lost a laptop/it was
> stolen, and 7 zillion PII* got stolen!!!"
>
> mark "yes, I am working for the gov't"
>
the oft-quoted 1995 vintage DoD 5220-22m standard of writing 1010, 0101,
1111, 0000 then repeating three times was deprecated from the 2001
edition of the same document.
the NIST has a document on data destruction, too...
http://csrc.nist.gov/publications/nistpubs/800-88/NISTSP800-88_rev1.pdf
where table 2-1 says a single overwrite is quite sufficient on most of
today's media...
For truly secure data erasure, shread the drives in a chipper, its
faster and cheaper. NIST defines three levels, 'clear', 'purge', and
'destroy'. clear is simply writing a random pattern over the data.
'purge' is degaussing the media, which renders it permanently unusuable
with any modern disk, so you might as well grind/incinerate/etc the drives.
I like the bit on page 32 of that document telling the telecommuter how
to smash a drive with a hammer if he doesn't have access to proper
equipment.
More information about the CentOS
mailing list