Tech Forum

Hello! We have a number of older computers that are no longer in service. We've placed them in a secure place, but would like to scrub the drives and donate them to a school in Guatemala. I note that the recommendation for this procedure is to make certain the hard disks have been scrubbed so that private data is not at risk. I note there are many such utilities out there on the internet, and am wondering if there is a particular program that is recommended, either officially by the church or by members of this forum.

Thank you for your advice in advance,

Dan Skousen

I don't think it matters much what you use to wipe the drive. I remember reading somewhere that data recovery can get to 20-30 write old data, or more. The FBI doesn't really publish what its full capability is.

DoD specs for data security mandate shredding of classified drives (yes, hard drives).

So, in short, if you REALLY can't let the data out, or don't trust the new user, don't donate the drives, except as scrap metal. If you just want to make sure that someone doesn't stumble onto your info, run a couple of passes with a multi-write drive wiper. More than 3-4 passes will make sure that you can't get the data w/o a pretty expensive process.

A google of 'drive wipe' got me a few good candidates.

There is a nice stand-alone (bootable) method called "Darik's Boot and Nuke" found here: http://dban.sourceforge.net/

You can boot into this utility, and it will securely erase the drive.

Of course, as mentioned, the FBI probably could recover the data, but it should be good enough for donation.

The only sure prevention of data loss is to take a sledge hammer to it

-- Steven

The church does have a commercial program available for wiping drives. I don't know as it's any better then the Open Source stuff. You might want to look over this ZDNet article as it talks about a utility that uses the drive's internals to do the wipe - far faster then the brute force used by others. Hopefully your drives are new enough to have that command.

chrissv wrote:There is a nice stand-alone (bootable) method called "Darik's Boot and Nuke" found here: http://dban.sourceforge.net/

You can boot into this utility, and it will securely erase the drive.

I too have used this program, and its great. Simple, and seems to be effective, although I would increase the number of passes to at least 3.

Aaron

I worked in information security as a Computer Security Specialist and network administrator with the U.S. Department of Justice. We often used Symantec Wipe Info set on DoD security wipe. We would also degauss hard drives with a magnetic degausser.

The Church training modules suggest you simply download a free disk security program from the internet. Granted, if there is information on the drive dealing with a plot against the President of the U.S., the Secret Service or FBI may retrieve the data, but for all practical applications, following the instructions on the Church training module is quite sufficient. I would trust a drive wiped in this manner to be reused. I have never known of a wiped drive to ever have data accidentally accessed or even accessed by armature effort. Even with professional effort, only fragments of the data would likely be retrievable.

After all, if the data needs to be that secure, why can someone just break a window in the Clerk's Office and walk away with the entire PC.

BarryHill wrote:We would also degauss hard drives with a magnetic degausser.

I wouldn't recommend that for a hard drive that's going to be re-used. I believe that disks use a servo track and if the track is damaged, the drive will be useless. If the servo track isn't wiped, then the effort was probably futile to begin with.

But I agree that the disk wipe utilities are enough. It's not necessary to absolutely make things recover-proof, but to make the bad guys go find easer targets.

Thanks for all of the great suggestions. I'll go download one of those free scrubbers and have fun cleaning things up!

One that I've used over the years is a simple command-line utility called SDELETE. It's part of the SysInternals suite, now owned by Microsoft.

It's only 47K bytes, so it fits nicely on a bootable floppy (or flashdrive). As do many other programs of this type, it implements the Department of Defense clearing and sanitizing standard DOD 5220.22-M.

As others have pointed out, a few passes is fine for resale. This will render the old data 100% unrecoverable to all but multi-million dollar government labs.

One thing I've used is a handy CD that I can load Knoppix, a Linux distribution. Instead of starting into a graphical environment, I boot into a command line and run the "shred" command on the hard drive, which is the equivalent of the above mentioned programs.

Good points - handy CD that doesn't require any bootable hard drive. Handy in case a drive can't boot but has personal information on it. Doesn't require a lot of RAM.

Bad points - some (very small) Linux required and a way to boot from the CD (usually changed in the BIOS).

This recently worked on some old computers with 32 Meg of RAM running WIn 98SE, barely.