[Fed-Talk] Re: Secure Erase...
- Subject: [Fed-Talk] Re: Secure Erase...
- From: Shawn A.Geddis <email@hidden>
- Date: Wed, 17 Dec 2008 11:16:57 -0800
To continue to dispel misinformation being stated on this list...
On Dec 17, 2008, at 8:45 AM, Allan Marcus wrote:
> We have a similar issue with secure erase. Apple secure file erase
> will not meet DOE standards, so we are looking at ShredIt X. I've
> spoken with the developer and he will be adding a DOE method to the
> ways files can be securely deleted.
Since "Secure Empty Trash" uses:
    7-Pass        Overwrite the file with 7 US DoD Compliant Passes
                  (0xF6, 0x00, 0xFF, random, 0x00, 0xFF, random)
Since "srm" provides multiple options:
    s - Simple    Overwrite with a single pass of random data
    m - Medium    Overwrite the file with 7 US DoD Compliant Passes
                  (0xF6, 0x00, 0xFF, random, 0x00, 0xFF, random)
    z - Zero      After overwriting, zero blocks used by file
Since Disk Utility provides multiple options for both "Erase Free
Space" and "Erase Volume":
a) Zero Out
b) 7-Pass Erase
c) 35-Pass Erase
What aspect of this is suddenly no longer acceptable to DOE?
> As for erasing a partition, we are looking at requiring a 7 pass
> wipe, then a zero data wipe. The reason for the final wipe is
> because DOE requires two wipes with random data then one wipe with a
> known pattern. The final known pattern allows cyber forensics to
> verify the erase.
Therefore, the 7-pass DoD Compliant method exceeds the DOE
requirements and actually meets the requirements of what you are
looking to do.
> Again, neither Apple's secure file erase nor the partition erase
> allow for this pattern.
I think I have pointed out above that they actually exceed what you
are asking for.
> :-( I've opened tickets with Apple tech support to have this
> changed, but I'm not hopeful.
Ticket #s?
- Shawn
_____________________________________________________
Shawn Geddis Security Consulting Engineer Apple Enterprise
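
Added example (not part of the original message, and not Apple's or srm's code): Python that applies the 7-pass sequence quoted above, follows it with a final known-pattern pass, and reads the file back to confirm every byte matches, which is the check the quoted text says the final pass enables. The function names are hypothetical, and the code assumes a filesystem and device that overwrite blocks in place.

```python
import os
import tempfile

# Pass sequence quoted in the message for the 7-pass method; None = random data.
SEVEN_PASS = [0xF6, 0x00, 0xFF, None, 0x00, 0xFF, None]
CHUNK = 64 * 1024


def overwrite_pass(path, pattern):
    """Overwrite every byte of the file in place with one pass."""
    size = os.path.getsize(path)
    with open(path, "r+b") as f:
        remaining = size
        while remaining:
            n = min(CHUNK, remaining)
            f.write(os.urandom(n) if pattern is None else bytes([pattern]) * n)
            remaining -= n
        f.flush()
        os.fsync(f.fileno())  # push this pass to the device before the next one


def first_mismatch(path, pattern):
    """Return the offset of the first byte that differs from pattern, or -1."""
    offset = 0
    with open(path, "rb") as f:
        while chunk := f.read(CHUNK):
            if chunk != bytes([pattern]) * len(chunk):
                return offset + next(i for i, b in enumerate(chunk) if b != pattern)
            offset += len(chunk)
    return -1


def erase_and_verify(path, final_pattern=0x00):
    """Run the 7 passes, then the known-pattern pass, then read back and check."""
    for p in SEVEN_PASS + [final_pattern]:
        overwrite_pass(path, p)
    return first_mismatch(path, final_pattern)


def demo():
    # Constructed sample file standing in for data to be erased.
    fd, path = tempfile.mkstemp()
    os.write(fd, b"constructed sample secret " * 5000)
    os.close(fd)
    size = os.path.getsize(path)
    result = erase_and_verify(path)
    after = os.path.getsize(path)
    os.remove(path)
    return size, after, result
```

A return value of -1 from `erase_and_verify` means the read-back found only the known pattern; any other value is the offset of the first byte that was not overwritten as expected.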