Erasing HDD: Software-driven vs SATA command?

The current step-by-step guide recommends overwriting the storage 2 (English wiki) or 3 (German wiki) times with random numbers using the shred program. However, as far as I'm aware, software-driven overwriting nowadays doesn't guarantee that the whole storage medium is actually deleted due to intricacies in device controllers and a deletion using the (S)ATA Secure Erase command issued to the device controller is the recommended way to delete all data on the drive in question.

I therefore wanted to ask whether there was a specific decision within the labdoo community to stick with the software-driven overwriting using shred and if so, what the reasoning behind it was, or if it's just an instance of it's-the-way-we've-been-doing-things ;)

I can see the following points in favor of using shred:

  • Easy to use (just issuing a terminal command, as opposed to issuing SATA Secure Erase which might require some BIOS tinkering from my experience)
  • Secure enough for the use case (We probably don't expect (forensic) data recovery experts to disassemble the drive to reconstruct the data, so we can probably afford not overwriting bad sectors and such)

So, has this been discussed previously (I skimmed over this support wall but didn't see anything like it)? What is the position towards this within the community?

Comments

Submitted by jprisab on Sun, 12/29/2019 - 12:15

Hello,

thank you very much for your thoughtful considerations. They are a very valid point since being able to guarantee the safe data removal from our donors is a priority for us.

There is no consensus decision from the Labdoo core team, nor has this topic been openly discussed. All the manuals you find in the wiki are procedures documented by some of the most experienced users on how we prepare the laptops to be given to the projects, but unluckily (and much to my regret) there is no standardized way to prepare a laptop.

----

Having said so... I personally think that the shred method offers a very acceptable degree of security. It is recommended by the German Information Security institute (https://www.bsi-fuer-buerger.de/BSIFB/DE/Empfehlungen/RichtigLoeschen/ri...) and although it is possible that very focused and determined hackers or security specialists would maybe be able to recover some of the data, can you still be sure that SATA secure data removal is 100% safe? (you can always go deeper into this scepticism loop...)

shred removal is easier to use and included in the Labtix releases we facilitate; many of our volunteers are not that technical, and having to tinker with BIOS commands for each different model could be a barrier for them to continue supporting us
(but this is also my opinion based on my experience and interaction with other users)

I want to insist that these 2 points are my personal opinion and that there is no official, consensus preferred data removal method from Labdoo's side.

I also want to thank you for your considerations and feedback and would encourage you to provide any other comments or ideas (regarding this or other topics).

Submitted by lumip on Tue, 12/31/2019 - 13:02

Hey, thanks for your reply on this. Given what you said, it might be time to have this discussion now, then, so maybe if we get some more voices sharing their opinions here, that would be great.

I just wanted to briefly pick up on your mentioning of the BSI recommendation: Careful reading of that actually recommends using the ATA Secure Erase command in combination with software-driven overwriting:

Die Anwendung von "Secure Erase" sollte mit dem oben angeführten Überschreiben mit Zufallszahlen kombiniert werden.

Application of "Secure Erase" should be combined with the aforementioned overwriting with random numbers.

That said, I agree with your position that using shred is much easier for volunteers that may not have so much experience to be confident to pull Secure Erase off and is most likely sufficient.
However, personally I will probably try to incorporate Secure Erase as a first pass in the 3-pass overwriting procedure (i.e., issue Secure Erase + 2-pass shred (if possible, otherwise fall back to 3-pass shred)) to comply with the BSI recommendations.
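
The decision described in the comment above (Secure Erase first plus 2-pass shred, otherwise 3-pass shred), as an added dry-run sketch that is not part of the original thread or of any Labdoo tooling. It assumes the usual layout of the `Security:` block printed by `hdparm -I`; the sample text, the placeholder password `p`, the device name `/dev/sdX` and the function names are constructed for illustration.

```shell
#!/bin/sh
# Dry run only: prints the commands for a wipe plan, never executes them.
# On a real machine: hdparm -I /dev/sdX | secure_erase_state

# Constructed sample of the "Security:" block from `hdparm -I` (layout assumed).
SAMPLE_READY='Security:
    Master password revision code = 65534
        supported
    not enabled
    not locked
    not frozen
        supported: enhanced erase'
# Same drive as a BIOS that froze the security feature set would report it.
SAMPLE_FROZEN=$(printf '%s\n' "$SAMPLE_READY" | sed 's/not  *frozen/    frozen/')

# Reads identify text on stdin, prints: ready | frozen | unsupported.
# The enabled and locked flags are not evaluated in this sketch.
secure_erase_state() {
    awk '
        /^Security:/        { insec = 1; next }
        insec && /^[^ \t]/  { insec = 0 }      # next unindented header ends the block
        !insec              { next }
        /^[ \t]+supported[ \t]*$/ { supported = 1 }   # a "not supported" line does not match
        /^[ \t]+frozen[ \t]*$/    { frozen = 1 }      # a "not frozen" line does not match
        END {
            if (!supported)  print "unsupported"
            else if (frozen) print "frozen"
            else             print "ready"
        }'
}

# $1 = device, $2 = state from secure_erase_state. Prints the command list.
wipe_plan() {
    if [ "$2" = ready ]; then
        # A temporary user password must be set before the erase command.
        echo "hdparm --user-master u --security-set-pass p $1"
        echo "hdparm --user-master u --security-erase p $1"
        echo "shred -v -n 2 $1"    # two random passes on top of Secure Erase
    else
        echo "shred -v -n 3 $1"    # fallback: three random passes
    fi
}

for sample in "$SAMPLE_READY" "$SAMPLE_FROZEN"; do
    state=$(printf '%s\n' "$sample" | secure_erase_state)
    echo "# state: $state"
    wipe_plan /dev/sdX "$state"
done
```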