Over at Storage Bits, my new ZDnet blog, I wrote about Secure Erase, a feature that Walter Purvis at Data Mobility Group told me about.
Secure Erase (SE) excited so much attention over there that I thought I’d take a more leisurely stroll through it here.
Free, secure, ATA drive erasure
SE is built into virtually all P/SATA drives built since 2001, when it became part of the ATA standard. It is virtually unknown however, because many BIOSes block the command and some even lock the drive to keep the data safe from Murphy’s-law-abiding citizens. Not to mention evil virus writers.
More secure than external wipers
Since it is internal to the drive, it doesn’t exact much overhead compared to external wipers like the open source Boot and Nuke or similar commercial products. Even better, it is more secure, protecting the data from keyboard (file recovery utilities) attacks and laboratory attacks.
In fact, NIST rates SE’s effectiveness on a par with degaussing a hard drive. Degaussing (strong magnetic field) is losing favor because of a combination of increasing media coercivity and improved magnetic shielding. Once HAMR (Heat Assisted Magnetic Recording) arrives, it may be practically impossible to degauss a drive short of a nuclear weapon’s electro-magnetic pulse. Then we’ll likely be down to Secure Erase and physical destruction as NIST-approved methods of sanitizing disks.
A blunt instrument
SE doesn’t give you many choices: it erases all the user space on the drive, one track at a time. It can erase HPA (Host Protected Area) or DCO (Device Configuration Overlay) areas, if any, as well. Some drives implement an enhanced Secure Erase which instead of writing zeros writes a pattern set by the vendor and that overwrites all bad blocks as well.
When the process is done your drive is empty and ready for OS formatting.
But wait! There’s more!
Check out UCSD’s Center for Magnetic Recording Research to learn more about a leading center of research with the goal of 1 terabit/sq. inch recording. Dr. Gordon Hughes, an IEEE fellow, on the faculty has created a utility that enables SE on Windows machines, available from his CMRR home page. This utility is for experienced storage heads and is not noob-friendly.
Dr. Hughes has also co-authored a paper (pdf) called Data Sanitization Tutorial that gives a brief, 12 page overview of the requirements and options for secure data elimination.
If you are in government, or deal with those who are, you should also check NIST’s special Computer Security publication page. Of special interest is publication 800-88 “Guidelines for Media Sanitization” which covers disks and other media as well.
The StorageMojo take
Secure Erase is an interesting and little known addition to the storage pro’s toolkit. If anyone whips up a tool for using it under Mac OS X or Linux, please let me know.
Comments welcome, as always.
No related posts.
Related posts brought to you by Yet Another Related Posts Plugin.
{ 1 trackback }
{ 12 comments… read them below or add one }
Thanks for the info.
Is this what the IBM DFT tool “Erase Disk” function does?
What about the HD manufacturer’s own disk erasing tools?
Charles,
I looked it up – Hitachi has the docs for it now – and yes it the Drive Fitness Test “Erase Disk” function is similar. The big difference is that it is, like Boot and Nuke, an external drive wiper. So it won’t give the same level of security as Secure Erase, according to NIST.
Robin
In my opinion such concepts like secure deletion goes only the half way. The problem is: How do you delete media not attached to a computer and how delete them ultrafast. The concepts of Radia Perlman about Assured Deletion sound very promising in this regard. The basic concept vastly simplyfied : Encrypt everything. When you want to delete a file, simple throw away the key
Joerg,
An excellent point. In fact, that is the next level of security for 2.5″ drives: everything is encrypted with secure key deletion. A future post that ties back to one I did last year.
Thanks,
Robin
This came in over the transom, and it sounded pretty good, so I am putting it in as a comment from me. It is from Ryk Edelstein, director of operations for Converge Net, Inc. – a link to a white paper he wrote is in the comment – and I appreciate the quality of his presentation.
Normally I am deeply allergic to self-promotion on StorageMojo – with me as the obvious exception! – but I respect the fact that he has deeper knowledge than I do and presents it well. I do wish he didn’t point out my flaws, but what the hey:
AFAIK for Linux, current hdparm allows to use ATA security functions, amongst which commands ERASE PREPARE and ERASE UNIT. Just make sure your kernel supports it : recent enough release and compiled with CONFIG_IDE_TASK_IOCTL enabled.
$ /sbin/hdparm –security-help
ATA Security Commands:
Most of these are VERY DANGEROUS and can KILL your drive!
Due to bugs in most Linux kernels, use of these commands may even
trigger kernel segfaults or worse. EXPERIMENT AT YOUR OWN RISK!
–security-freeze Freeze security settings until reset.
–security-set-pass PASSWD Lock drive, using password PASSWD:
Use ‘NULL’ to set empty password.
Drive gets locked if user-passwd is selected.
–security-unlock PASSWD Unlock drive.
–security-disable PASSWD Disable drive locking.
–security-erase PASSWD Erase a (locked) drive.
–security-erase-enhanced PASSWD Enhanced-erase a (locked) drive.
The above four commands may optionally be preceeded by these options:
–security-mode LEVEL Use LEVEL to select security level:
h high security (default).
m maximum security.
–user-master WHICH Use WHICH to choose password type:
u user-password.
m master-password (default).
Thanks for the posting… However, although I may have pointed out a minor error (rather, a point in need of a bit of elaboration), I will throw myself on my sword and correct a few errors in my own message…(probably why I should not be writing in the very early a.m.)
1/ the Acronym is the CMRR – Center for Magnetic Recording Research at the University of California San Diego.
2/ the first sentence is a mess… sorry.
3/ This is not self promotion.. I do not work for Ensconce Data Technology, the manufacturer of the Dead on Demand Digital Shredder. The white paper was originally developed as a presentation of the acceptable means to responsibly destroy hard drive data, and to dispel many of the half baked and potentially dangerous concepts floating about. EDT had requested the rights to the paper for their own purpose.
Clearly my perspective on their product and the value it offers the public and private sector as a portable data destruction appliance made the piece very appealing to them. The presentation is facts based, and you can draw your own conclusion.
If you want to see a broad array of half baked data destruction methods, by self proclaimed experts, go to YOUTUBE and search on data or drive destruction. It is like calling in your crazy cousin Bob to bring over his sledge hammer for a session or data destruction.
I apologize for the errors.
Ryk
I used SE on maxtor and seagate drives, but when installing xp on any of them, after xp formats and copies files, the install fails. It only seems to happen on drives that were SE.. Any idea?
Mark,
Did you do reformat the drives from Windows before the install? That could be it.
Robin
Hi,
I want to enhanced secure erase my seagate drive but:
-HDDerase gives memory error on startup and I am not experienced enough to track reasons.
-I do not know how to boot with hdparm so that I cant use it. I guess I need to initialize hddparm from a physically different location, i.e. not from the drive i am going to erase.
I just want to want to enhanced secure erase the only hard drive on my laptop. What is the easiest way to do that?
Thanks.
I just want to wipe a Maxtor 40 gig QuickView drive that came from an old DVR of unknown make. There’s something secured or locked with it so I can’t just plug it into a normal PC and partition/format it.
I know there are master passwords for these drives, I can find them online for any brand *except Maxtor*.
Would be great, in this case, if it had something like “WARNING! INCORRECT PASSWORD ENTERED 5 TIMES! ENTERING INCORRECT PASSWORD AGAIN WILL START SECURE ERASE PROCESS!”.
I’d just poke in some randomness and let the thing wipe itself, as long as that would unlock it.