Recently I contacted a local company to ask for some unused hardware. Indeed, most companies keep their previous generation of hardware as a backup.

Their CEO told me I could have their servers (3 servers from 2007), only if I could certify the proper erasure of their data on the machines.

Another challenge for me ! With such a reward – 3 servers to have fun with -, the daunting task of reading research paper and sorting it out.


You can get a synthesis of my work as a pdf in french.

Contents

Deleting a file in most OSes comes down to erasing its adress in the filesystem index. However the file still exists despite its location being unknown by now. Somebody could get it, thus representing a security problem.

One should distinguish logical erasure from physical erasure. The latter destroys the memory support in the process.

Three erasure standards come out of the bunch of erasure protocols available :

  • The Gutmann Algorithm : 35 rows. The longest operating standard, but suitable for all memory supports.
  • DoD 5520.22-M : different row numbers depending of the level of security required. ‘DoD’ stands for Department of Defense as this protocols has been conceived for the American Government.
  • AFSSI-5020 : USAF erasure standard since 1996.

Their implementations can be found in most logical erasure software, which we have chosen a bunch whose code is open source, allowing their code audition by professionnals :

  • hdparm is an interface to SATA/PATA/SAS/SSD disks. Erasure it only one of its abilities, through the disk firware. It also features disk health report and setting.
  • shred is a high-level erasure command.
  • wipe is a command used as a backend by DBAN, a software used by the NSA.
  • nwipe ncurses fork of wipe.
  • srm in a high-level erasure command implementing the 3 chosen protocols.

While it is advised to use any of them, you should proceed with care on SSDs as they suffer from remanency. The only adviseable too with such memories are their firmware, which includes an eraser. hdparm being an interface to such firmware, it can be used to erase SSDs following a standard pattern.

When is erasement needed ?

Every time you put sensible information and don’t need it anymore to be on the device.

It can be as simple as a text file on you USB key. When you don’t need it anymore on the key, it’s dangerous to let it stay on it. One could get it or you could lose it somehow, letting potentialy sensible information in the open.

How to physicaly erase a device

Unless you possess a very expansive demagnetiser (you can build yours with lots of copper coil and a decreasing alternative voltage – but electromagnetical high powered radiations may have side effects on your health), a physical erasure of your device is not an option. And even then, the device’s firmware is erased in the process. Duh.

It’s been seen on good TV shows and in less fictional events: use a microwave, fire and/or an electric drill to destroy flash drives and hard disks drives, plate by plate. The best ways prove to be the funniest!