A Little Help With Disk Cleaning/security

Discussion in 'Computer Security' started by Slick32, Sep 7, 2005.

  1. Slick32

    Slick32 Guest

    Some time ago, Norton had a routine that would wipe the unused portion of
    your hard drive to government standards (those areas that are not occupied
    by current valid files).

    Is there any such software available. Just want to secure the
    unused/unoccupied portion of my hard drive

    Slick32
    Slick32, Sep 7, 2005
    #1
    1. Advertising

  2. On Wed, 7 Sep 2005 12:15:46 -0500, in alt.computer.security ,
    "Slick32" <> in <lfFTe.3419$Zp.165@lakeread04>
    wrote:

    >Some time ago, Norton had a routine that would wipe the unused portion of
    >your hard drive to government standards (those areas that are not occupied
    >by current valid files).
    >
    >Is there any such software available. Just want to secure the
    >unused/unoccupied portion of my hard drive


    Eraser works nicely: http://www.tolvanen.com/eraser/

    --
    Matt Silberstein

    Do something today about the Darfur Genocide

    Genocide is news | Be A Witness
    http://www.beawitness.org

    "Darfur: A Genocide We can Stop"
    www.darfurgenocide.org

    Save Darfur.org :: Violence and Suffering in Sudan's Darfur Region
    http://www.savedarfur.org/
    Matt Silberstein, Sep 7, 2005
    #2
    1. Advertising

  3. Slick32

    Notan Guest

    Matt Silberstein wrote:
    >
    > On Wed, 7 Sep 2005 12:15:46 -0500, in alt.computer.security ,
    > "Slick32" <> in <lfFTe.3419$Zp.165@lakeread04>
    > wrote:
    >
    > >Some time ago, Norton had a routine that would wipe the unused portion of
    > >your hard drive to government standards (those areas that are not occupied
    > >by current valid files).
    > >
    > >Is there any such software available. Just want to secure the
    > >unused/unoccupied portion of my hard drive

    >
    > Eraser works nicely: http://www.tolvanen.com/eraser/


    Is this Heidi's?

    I checked the website (http://www.heidi.ie/eraser), but it no longer
    seems to be in existence.

    Notan
    Notan, Sep 7, 2005
    #3
  4. On Wed, 07 Sep 2005 11:46:51 -0600, in alt.computer.security , Notan
    <> in <> wrote:

    >Matt Silberstein wrote:
    >>
    >> On Wed, 7 Sep 2005 12:15:46 -0500, in alt.computer.security ,
    >> "Slick32" <> in <lfFTe.3419$Zp.165@lakeread04>
    >> wrote:
    >>
    >> >Some time ago, Norton had a routine that would wipe the unused portion of
    >> >your hard drive to government standards (those areas that are not occupied
    >> >by current valid files).
    >> >
    >> >Is there any such software available. Just want to secure the
    >> >unused/unoccupied portion of my hard drive

    >>
    >> Eraser works nicely: http://www.tolvanen.com/eraser/

    >
    >Is this Heidi's?
    >
    >I checked the website (http://www.heidi.ie/eraser), but it no longer
    >seems to be in existence.


    Yes, it is. That website is not around, but the one I gave is the one
    in the help file. The About points to Heidi's site.




    --
    Matt Silberstein

    Do something today about the Darfur Genocide

    Genocide is news | Be A Witness
    http://www.beawitness.org

    "Darfur: A Genocide We can Stop"
    www.darfurgenocide.org

    Save Darfur.org :: Violence and Suffering in Sudan's Darfur Region
    http://www.savedarfur.org/
    Matt Silberstein, Sep 7, 2005
    #4
  5. From: "Slick32" <>

    | Some time ago, Norton had a routine that would wipe the unused portion of
    | your hard drive to government standards (those areas that are not occupied
    | by current valid files).
    |
    | Is there any such software available. Just want to secure the
    | unused/unoccupied portion of my hard drive
    |
    | Slick32
    |

    Norton/Symantec Gdisk.exe can wipe a hard disk but only the entire hard disk.
    I don't know of a Gov't. specification to "...wipe the unused portion of your hard drive
    ...."

    I think you need to be more concerned the actual data on a drive rather than the unused area
    of said drive.

    --
    Dave
    http://www.claymania.com/removal-trojan-adware.html
    http://www.ik-cs.com/got-a-virus.htm
    David H. Lipman, Sep 7, 2005
    #5
  6. Slick32

    Moe Trin Guest

    In the Usenet newsgroup alt.computer.security, in article
    <9gGTe.3$%f2.1@trnddc09>, David H. Lipman wrote:

    >From: "Slick32" <>


    >| Some time ago, Norton had a routine that would wipe the unused portion of
    >| your hard drive to government standards (those areas that are not occupied
    >| by current valid files).


    Norton "Wipefile" and Wipedisk" part of the old Norton Utilities from the
    1980s and 1990s. They were replaced by "Wipeinfo" - a GUI version. There
    were other programs from other suppliers that did similar/identical function.

    >I don't know of a Gov't. specification to "...wipe the unused portion of
    >your hard drive ..."


    Advertising copy. The two Norton applications above had a /G option:

    The /G switch performs wiping to match certain government specifi-
    cations, such as DOD 5220.22-M. In this mode, WIPEFILE wipes data
    three times with three different values (binary 1s, 0s, and the standard
    or /V wiping value). After the third wipe, the data is read-checked.

    That's out of the "Norton Utilities Version 4.0 / Advanced Edition" user
    manual from 1987. "WIPEDISK" had an identical option. The default wipe
    value used for the third pass was a zero. "WIPEINFO" was similar, but I
    think it wiped four times (0xFF, 0x00, 0x00, 0xF6), rather than three.
    Most people today prefer that the last wipe be random data. Note also
    that this only claimed to _match_ the government requirements, not that
    the application was approved by the government for this task.

    DoD 5220.22-M has been updated several times since then (current version
    is a huge PDF, dated January 1995, easily located by googling for the
    keyword '5220.22-M'). Chapter 8 Subsection 306 deals with the Cleaning and
    Sanitization of Magnetic Disks. However, it actually applies to the
    entire disk, rather than "unused" portions. The requirements pertain
    to the cleaning/sanitizing of disks that contained up to US Secret data,
    and required degaussing, or destruction of the drive, or a 3 pass wipe.
    To my knowledge, 5220.22-M has never dealt with just files or unused space
    because there is no reliable method of doing so ("reliable" meaning that
    it satisfies the spooks). Modern disk-caching may negate the effect of
    repeated wipe attempts as one example.

    Note that if 5220.22-M applies to you, SEE YOUR GOVERNMENT DESIGNATED
    SECURITY OFFICER before you casually wipe secure data, as there probably
    is certain reporting procedures required - read that as "lottsa paperwork"!

    Old guy
    Moe Trin, Sep 8, 2005
    #6
  7. From: "Moe Trin" <>

    | In the Usenet newsgroup alt.computer.security, in article
    | <9gGTe.3$%f2.1@trnddc09>, David H. Lipman wrote:
    |
    >> From: "Slick32" <>

    |
    >|> Some time ago, Norton had a routine that would wipe the unused portion of
    >|> your hard drive to government standards (those areas that are not occupied
    >|> by current valid files).

    |
    | Norton "Wipefile" and Wipedisk" part of the old Norton Utilities from the
    | 1980s and 1990s. They were replaced by "Wipeinfo" - a GUI version. There
    | were other programs from other suppliers that did similar/identical function.
    |
    >> I don't know of a Gov't. specification to "...wipe the unused portion of
    >> your hard drive ..."

    |
    | Advertising copy. The two Norton applications above had a /G option:
    |
    | The /G switch performs wiping to match certain government specifi-
    | cations, such as DOD 5220.22-M. In this mode, WIPEFILE wipes data
    | three times with three different values (binary 1s, 0s, and the standard
    | or /V wiping value). After the third wipe, the data is read-checked.
    |
    | That's out of the "Norton Utilities Version 4.0 / Advanced Edition" user
    | manual from 1987. "WIPEDISK" had an identical option. The default wipe
    | value used for the third pass was a zero. "WIPEINFO" was similar, but I
    | think it wiped four times (0xFF, 0x00, 0x00, 0xF6), rather than three.
    | Most people today prefer that the last wipe be random data. Note also
    | that this only claimed to _match_ the government requirements, not that
    | the application was approved by the government for this task.
    |
    | DoD 5220.22-M has been updated several times since then (current version
    | is a huge PDF, dated January 1995, easily located by googling for the
    | keyword '5220.22-M'). Chapter 8 Subsection 306 deals with the Cleaning and
    | Sanitization of Magnetic Disks. However, it actually applies to the
    | entire disk, rather than "unused" portions. The requirements pertain
    | to the cleaning/sanitizing of disks that contained up to US Secret data,
    | and required degaussing, or destruction of the drive, or a 3 pass wipe.
    | To my knowledge, 5220.22-M has never dealt with just files or unused space
    | because there is no reliable method of doing so ("reliable" meaning that
    | it satisfies the spooks). Modern disk-caching may negate the effect of
    | repeated wipe attempts as one example.
    |
    | Note that if 5220.22-M applies to you, SEE YOUR GOVERNMENT DESIGNATED
    | SECURITY OFFICER before you casually wipe secure data, as there probably
    | is certain reporting procedures required - read that as "lottsa paperwork"!
    |
    | Old guy

    Actually those specifications were updated again in 2001 in a memo by Linton Wells II,
    entitled: "Disposition of Unclassified DoD Computer Hard Drives" . In the sanitization
    section of the memo it details three cycles (8 bit pattern, 8 bit pattern complement and
    another pattern [ such as; 11111111, 00000000 and 10101010 ] and this is done 6 times.

    Having not read EVERY DoD 5000 series document I had not seen a specification for wiping
    unused areas of a hard disk. Only entire hard disks. In late 2001/early 2002 Symantec
    GDISK.EXE was updated to conform to this new standard but according to DISA it had not been
    approved for DoD use. The older WIPEDISK.EXE was probably the basis for GDISK.EXE

    The following GDISK.EXE PDF manual was printed after the new DoD standard.
    ftp://ftp.symantec.com/public/english_us_canada/products/ghost/manuals/DoDwipe.pdf

    --
    Dave
    http://www.claymania.com/removal-trojan-adware.html
    http://www.ik-cs.com/got-a-virus.htm
    David H. Lipman, Sep 8, 2005
    #7
  8. Slick32

    speeder Guest

    On Wed, 7 Sep 2005 12:15:46 -0500, "Slick32" <>
    wrote:

    >Some time ago, Norton had a routine that would wipe the unused portion of
    >your hard drive to government standards (those areas that are not occupied
    >by current valid files).
    >
    >Is there any such software available. Just want to secure the
    >unused/unoccupied portion of my hard drive
    >
    >Slick32
    >


    There are certainly smaller applications that do what you want but
    there is a feature in the PGP application which wipes out free space.
    You can also use it to wipe out specific files instead of just
    deleting them. According to their documentation:

    "The PGP wipe feature exceeds the media sanitization requirements of
    Department of Defense 5220.22-M at three passes. Security continues to
    increase up to approximately 28 passes."

    Obviously the program is meant for encryption, this is just a feature.
    If you are concerned with the privacy and security of your files this
    is an excelent program to consider. It can encrypt your whole disk too
    so then recovery attempts are useless.
    speeder, Sep 8, 2005
    #8
  9. Slick32

    Moe Trin Guest

    In the Usenet newsgroup alt.computer.security, in article
    <H41Ue.567$3B2.353@trnddc02>, David H. Lipman wrote:

    >Actually those specifications were updated again in 2001 in a memo by
    >Linton Wells II, entitled: "Disposition of Unclassified DoD Computer
    >Hard Drives" . In the sanitization section of the memo it details three
    >cycles (8 bit pattern, 8 bit pattern complement and another pattern [ such
    >as; 11111111, 00000000 and 10101010 ] and this is done 6 times.


    It's a pity that the people who write these requirements are so lacking
    in technical knowledge and think that writing that pattern to the disk
    results in that pattern on the media surface. It is somewhat true for
    floppies, and ancient MFM hard drives from the 1980s, but is quite
    untrue for even the ancient RLL drives from the late 1980s. ALL modern
    drives use a more intelligent encoding scheme, to increase the data
    density on the media. This is not a one-for-one encoding scheme.

    >Having not read EVERY DoD 5000 series document I had not seen a
    >specification for wiping unused areas of a hard disk. Only entire hard
    >disks.


    I doubt one exists, as the concept makes no sense. If there is classified
    material on the drive, it's classified. End of story. "Need to know"
    information theory doesn't matter. Until the entire drive is sanitized,
    the entire drive is classified, even if all it had was the secretary's
    schedule of who is supposed to clean the coffee pot today.

    Old guy
    Moe Trin, Sep 9, 2005
    #9
  10. Slick32

    Steve Welsh Guest

    > If there is classified material on the drive, it's classified.
    So that is going to stop some ill-intentioned person reading that hard
    drive if they happen to find it in their possession is it? Ooops -
    mustn't read this - it's classified!!
    > Old guy


    Don't think so somehow!!
    Steve Welsh, Sep 9, 2005
    #10
  11. From: "Steve Welsh" <>

    >> If there is classified material on the drive, it's classified.

    | So that is going to stop some ill-intentioned person reading that hard
    | drive if they happen to find it in their possession is it? Ooops -
    | mustn't read this - it's classified!!
    >> Old guy

    |
    | Don't think so somehow!!

    If it was classified, "some ill-intentioned person" won't have access to that machine unless
    they are cleared. If they are not cleared then they are within the enclave with an escort
    who is cleared for access and that ill-intentioned person would not be left alone.

    Additionally "some ill-intentioned person" just won't "happen to find it in their
    possession".

    --
    Dave
    http://www.claymania.com/removal-trojan-adware.html
    http://www.ik-cs.com/got-a-virus.htm
    David H. Lipman, Sep 10, 2005
    #11
  12. Slick32

    Ken Ward Guest

    On Fri, 09 Sep 2005 23:42:31 GMT, "David H. Lipman"
    <DLipman~nospam~@Verizon.Net> wrote:

    >From: "Steve Welsh" <>
    >
    >>> If there is classified material on the drive, it's classified.

    >| So that is going to stop some ill-intentioned person reading that hard
    >| drive if they happen to find it in their possession is it? Ooops -
    >| mustn't read this - it's classified!!
    >>> Old guy

    >|
    >| Don't think so somehow!!
    >
    >If it was classified, "some ill-intentioned person" won't have access to that machine unless
    >they are cleared. If they are not cleared then they are within the enclave with an escort
    >who is cleared for access and that ill-intentioned person would not be left alone.
    >
    >Additionally "some ill-intentioned person" just won't "happen to find it in their
    >possession".

    Minor quibble. The above reads better with "shouldn't" instead of
    "won't". An awful lot of classified media has ended up with
    ill-intentioned people over the years.
    Ken Ward, Sep 10, 2005
    #12
  13. From: "Ken Ward" <>

    Additionally "some ill-intentioned person" just won't "happen to find it in their
    possession".

    | Minor quibble. The above reads better with "shouldn't" instead of
    | "won't". An awful lot of classified media has ended up with
    | ill-intentioned people over the years.

    Then it wouldn't be a "find" then, it would have been a "theft."

    --
    Dave
    http://www.claymania.com/removal-trojan-adware.html
    http://www.ik-cs.com/got-a-virus.htm
    David H. Lipman, Sep 10, 2005
    #13
  14. Slick32

    Steve Welsh Guest

    http://news.bbc.co.uk/1/hi/technology/3109602.stm

    and then tell me that it is not possible for a hard drive to get into
    the wrong hands ;)

    > If it was classified, "some ill-intentioned person" won't have access to that machine unless
    > they are cleared. If they are not cleared then they are within the enclave with an escort
    > who is cleared for access and that ill-intentioned person would not be left alone.
    >
    > Additionally "some ill-intentioned person" just won't "happen to find it in their
    > possession".
    >
    Steve Welsh, Sep 10, 2005
    #14
  15. Slick32

    Ken Ward Guest

    On Sat, 10 Sep 2005 01:33:13 GMT, "David H. Lipman"
    <DLipman~nospam~@Verizon.Net> wrote:

    >From: "Ken Ward" <>
    >
    >Additionally "some ill-intentioned person" just won't "happen to find it in their
    >possession".
    >
    >| Minor quibble. The above reads better with "shouldn't" instead of
    >| "won't". An awful lot of classified media has ended up with
    >| ill-intentioned people over the years.
    >
    >Then it wouldn't be a "find" then, it would have been a "theft."

    Not really. There have been numerous cases of hard drives containing
    classified material being found at rubbish tips, or even bought
    legitimately at clearance sales.
    Ken Ward, Sep 10, 2005
    #15
  16. David H. Lipman, Sep 10, 2005
    #16
  17. From: "Steve Welsh" <>

    | http://news.bbc.co.uk/1/hi/technology/3109602.stm
    |
    | and then tell me that it is not possible for a hard drive to get into
    | the wrong hands ;)
    |
    >> If it was classified, "some ill-intentioned person" won't have access to that machine
    >> unless they are cleared. If they are not cleared then they are within the enclave with
    >> an escort who is cleared for access and that ill-intentioned person would not be left
    >> alone.
    >>
    >> Additionally "some ill-intentioned person" just won't "happen to find it in their
    >> possession".
    >>


    Sensitive information (SBU) is not classified information.

    --
    Dave
    http://www.claymania.com/removal-trojan-adware.html
    http://www.ik-cs.com/got-a-virus.htm
    David H. Lipman, Sep 10, 2005
    #17
  18. Slick32

    Moe Trin Guest

    In the Usenet newsgroup alt.computer.security, in article
    <>, Steve Welsh wrote:

    >>If it was classified, "some ill-intentioned person" won't have access
    >> to that machine unless they are cleared.


    I agree with Ken here - the correct word is "shouldn't" not "won't"

    >http://news.bbc.co.uk/1/hi/technology/3109602.stm
    >
    >and then tell me that it is not possible for a hard drive to get into
    >the wrong hands ;)


    You may note that the article is quoting a Thales spokesman, whose
    company stands to make a tidy pile of currency to implement the
    disk encryption scheme. I am a bit surprised that this isn't in
    place already - we've been encrypting disks that temporarily leave
    our facilities for over ten years, and we're just a corporate R&D
    division. The only thing that leaves our facility without paperwork
    is the trash - which is shredded before it gets to the door.

    Not withstanding that (I've also see the information released by the
    UK government in response to a question in the house - see Risks-Digest
    volume 23 issue 94 for one recent reference), under normal circumstances
    the poor sod who was assigned the hardware that disappeared is often in
    extremely deep weeds as a result. Most agencies dealing with classified
    data don't take kindly when it either turns up missing, or is splashed
    across the front page of some news paper or equal. Can you say "career
    limiting move" - I thought you could. As a consequence, second
    occurrences are "rare" even in the same department/division.

    Old guy
    Moe Trin, Sep 10, 2005
    #18
  19. Slick32

    Ken Ward Guest

    On Sat, 10 Sep 2005 17:15:56 GMT, "David H. Lipman"
    <DLipman~nospam~@Verizon.Net> wrote:

    >From: "Ken Ward" <>
    >
    >
    >| Not really. There have been numerous cases of hard drives containing
    >| classified material being found at rubbish tips, or even bought
    >| legitimately at clearance sales.
    >
    >Must be an Australian problem ;-)


    World-wide problem.

    US - IIRC - Baton Rouge - Very large IT company closed down a research
    facility & sold off the computers. Turned out disks had not been
    wiped, just had files deleted. Rival firm is alledged to have sent in
    people to buy up as many as possible.

    2004 Los Alamos National Laboratory - zip drives found in back of
    employees pick-up.

    http://www.timesonline.co.uk/article/0,,2-1487674,00.html

    At least 75 pages of highly classified information about human
    traffickers from the Dutch Royal Marechaussee - a service of the Dutch
    armed forces that is responsible for guarding the Dutch borders - have
    been leaked to the controversial weblog Geen Stijl (No Style). The
    documents, whicn contain phone numbers and tapped conversations, were
    found unencrypted on Kazaa, the public file sharing service. The
    likeliest explanation for their appearance is that a member Dutch
    Royal Marechaussee worked on the documents from home and
    unintentionally shared his entire hard drive with the rest of the
    world, through Kazaa.

    http://www.fas.org/sgp/othergov/ig_deutch.html
    Ken Ward, Sep 11, 2005
    #19
  20. Slick32

    Guest

    quote: "I think you need to be more concerned the actual data on a
    drive rather than the unused area
    of said drive."

    Maybe he wants to ensure that deleted files cant be recovered. Deleting
    the file just removes a flag that basically says here I am and this
    sector is in use. Deleting the file just removes that flag not the
    file. If a new file has not overwritten the deleted one, it is quite
    easy to recover.
    , Sep 13, 2005
    #20
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. COMSOLIT Messmer

    IT-Security, Security, e-security

    COMSOLIT Messmer, Sep 5, 2003, in forum: Computer Support
    Replies:
    0
    Views:
    562
    COMSOLIT Messmer
    Sep 5, 2003
  2. Harry Da Hat

    Disk Space On System Disk In XP

    Harry Da Hat, Nov 13, 2003, in forum: Computer Support
    Replies:
    0
    Views:
    726
    Harry Da Hat
    Nov 13, 2003
  3. MJP

    Transfer an application disk to disk

    MJP, Dec 10, 2003, in forum: Computer Support
    Replies:
    6
    Views:
    2,044
    Mistoffolees
    Dec 15, 2003
  4. Puzzled

    little red X in little white box

    Puzzled, Dec 12, 2004, in forum: Computer Support
    Replies:
    8
    Views:
    8,555
    Blinky the Shark
    Dec 13, 2004
  5. dah_dah

    Cleaning a Disk Drive

    dah_dah, Jan 17, 2006, in forum: Computer Support
    Replies:
    6
    Views:
    350
    Gary G. Taylor
    Jan 20, 2006
Loading...

Share This Page