1/ the Acronym is the CMRR - Center for Magnetic Recording Research at the University of California San Diego.

2/ the first sentence is a mess… sorry.

3/ This is not self promotion.. I do not work for Ensconce Data Technology, the manufacturer of the Dead on Demand Digital Shredder. The white paper was originally developed as a presentation of the acceptable means to responsibly destroy hard drive data, and to dispel many of the half baked and potentially dangerous concepts floating about. EDT had requested the rights to the paper for their own purpose.

Clearly my perspective on their product and the value it offers the public and private sector as a portable data destruction appliance made the piece very appealing to them. The presentation is facts based, and you can draw your own conclusion.

If you want to see a broad array of half baked data destruction methods, by self proclaimed experts, go to YOUTUBE and search on data or drive destruction. It is like calling in your crazy cousin Bob to bring over his sledge hammer for a session or data destruction.

I apologize for the errors.

Ryk

ATA Security Commands:
Most of these are VERY DANGEROUS and can KILL your drive!
Due to bugs in most Linux kernels, use of these commands may even
trigger kernel segfaults or worse. EXPERIMENT AT YOUR OWN RISK!

–security-freeze Freeze security settings until reset.

–security-set-pass PASSWD Lock drive, using password PASSWD:
Use ‘NULL’ to set empty password.
Drive gets locked if user-passwd is selected.
–security-unlock PASSWD Unlock drive.
–security-disable PASSWD Disable drive locking.
–security-erase PASSWD Erase a (locked) drive.
–security-erase-enhanced PASSWD Enhanced-erase a (locked) drive.

The above four commands may optionally be preceeded by these options:
–security-mode LEVEL Use LEVEL to select security level:
h high security (default).
m maximum security.
–user-master WHICH Use WHICH to choose password type:
u user-password.
m master-password (default).

Normally I am deeply allergic to self-promotion on StorageMojo - with me as the obvious exception! - but I respect the fact that he has deeper knowledge than I do and presents it well. I do wish he didn’t point out my flaws, but what the hey:

I have read your article on Secure ERase and must state that although you are on the right track, and that the NIST does recognize SE as the single best means to destroy data on a hard dfrive beyond forensic reconstruction second to effective physical destruction. The CRMM software as developped by Dr. Gordon Hughes team, is an academic command line utility designed as a proof of concept tool to demonstrate Secure Erase. Yet, what you fail to state is that this software does not work on most stations or devices.

As a command line utility, the CRMM software does not provide a solution that offers a defensible audit log, or a reliable platform for the effective decomissioning of hard drives in the enterprise. Likewise, in many cases the SE command will not be sent to the device due to BIOS and OS inhibition of the command being presented to the target drive. PC vendors have in many cases inhibited SE from being initiated due to the threat it poses if it were to be exploited by virus and malware authors.

Furthermore, drive manufacturers have interpreted SE differently, and in some cases by the same vendor from one drive model to the next. As such, SE needs to be initiated in a manner specific to the device, in order to be effectively launched.

Please do not get me wrong, I am a big fan of Secure Erase, and more so, on the proper means to use SE. See http://www.deadondemand.com/assets/documents/edt_digital_shredder_2.pdf for more details on the proper means to decomission hard drives using Secure Erase. Even on SATA devices.

An excellent point. In fact, that is the next level of security for 2.5″ drives: everything is encrypted with secure key deletion. A future post that ties back to one I did last year.

Thanks,

Robin

I looked it up - Hitachi has the docs for it now - and yes it the Drive Fitness Test “Erase Disk” function is similar. The big difference is that it is, like Boot and Nuke, an external drive wiper. So it won’t give the same level of security as Secure Erase, according to NIST.

Robin

Is this what the IBM DFT tool “Erase Disk” function does?
What about the HD manufacturer’s own disk erasing tools?