Re: A Little Help With Disk Cleaning/security
From: Moe Trin (ibuprofin_at_painkiller.example.tld)
Date: 09/08/05
- Next message: David H. Lipman: "Re: A Little Help With Disk Cleaning/security"
- Previous message: Notan: "Re: Firewall / AV choice?"
- In reply to: David H. Lipman: "Re: A Little Help With Disk Cleaning/security"
- Next in thread: David H. Lipman: "Re: A Little Help With Disk Cleaning/security"
- Reply: David H. Lipman: "Re: A Little Help With Disk Cleaning/security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 08 Sep 2005 15:03:38 -0500
In the Usenet newsgroup alt.computer.security, in article
<9gGTe.3$%f2.1@trnddc09>, David H. Lipman wrote:
>From: "Slick32" <Slick32@Someware.Com>
>| Some time ago, Norton had a routine that would wipe the unused portion of
>| your hard drive to government standards (those areas that are not occupied
>| by current valid files).
Norton "Wipefile" and Wipedisk" part of the old Norton Utilities from the
1980s and 1990s. They were replaced by "Wipeinfo" - a GUI version. There
were other programs from other suppliers that did similar/identical function.
>I don't know of a Gov't. specification to "...wipe the unused portion of
>your hard drive ..."
Advertising copy. The two Norton applications above had a /G option:
The /G switch performs wiping to match certain government specifi-
cations, such as DOD 5220.22-M. In this mode, WIPEFILE wipes data
three times with three different values (binary 1s, 0s, and the standard
or /V wiping value). After the third wipe, the data is read-checked.
That's out of the "Norton Utilities Version 4.0 / Advanced Edition" user
manual from 1987. "WIPEDISK" had an identical option. The default wipe
value used for the third pass was a zero. "WIPEINFO" was similar, but I
think it wiped four times (0xFF, 0x00, 0x00, 0xF6), rather than three.
Most people today prefer that the last wipe be random data. Note also
that this only claimed to _match_ the government requirements, not that
the application was approved by the government for this task.
DoD 5220.22-M has been updated several times since then (current version
is a huge PDF, dated January 1995, easily located by googling for the
keyword '5220.22-M'). Chapter 8 Subsection 306 deals with the Cleaning and
Sanitization of Magnetic Disks. However, it actually applies to the
entire disk, rather than "unused" portions. The requirements pertain
to the cleaning/sanitizing of disks that contained up to US Secret data,
and required degaussing, or destruction of the drive, or a 3 pass wipe.
To my knowledge, 5220.22-M has never dealt with just files or unused space
because there is no reliable method of doing so ("reliable" meaning that
it satisfies the spooks). Modern disk-caching may negate the effect of
repeated wipe attempts as one example.
Note that if 5220.22-M applies to you, SEE YOUR GOVERNMENT DESIGNATED
SECURITY OFFICER before you casually wipe secure data, as there probably
is certain reporting procedures required - read that as "lottsa paperwork"!
Old guy
- Next message: David H. Lipman: "Re: A Little Help With Disk Cleaning/security"
- Previous message: Notan: "Re: Firewall / AV choice?"
- In reply to: David H. Lipman: "Re: A Little Help With Disk Cleaning/security"
- Next in thread: David H. Lipman: "Re: A Little Help With Disk Cleaning/security"
- Reply: David H. Lipman: "Re: A Little Help With Disk Cleaning/security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
