Re: [Fed-Talk] Secure erase
Re: [Fed-Talk] Secure erase
- Subject: Re: [Fed-Talk] Secure erase
- From: Allan Marcus <email@hidden>
- Date: Mon, 25 Feb 2008 12:58:15 -0700
I misused the word "sanitize.". I meant to say "clear". It appears
overwrite is still allowed for non-removable rigid disks for clearing
of data.
According the page you refer to, the standard is:
Overwrite all addressable locations with a single character.
At DOE (or at least at LANL) we requrie a 3=pass overwite (0's, then
1's, then a random character). It appease that the 7-pass secure
erase in disk utilities does this for a partition, but I would like
to know if the same is true for Secure Erase in the finder, and erase
free space. I will ask Apple Enterprise Support.
---
Thanks,
Allan Marcus
505-667-5666
On Feb 22, 2008, at 5:02 PM, Joshua Krage wrote:
Maybe you can explain why you think legacy 5220.22-M compliance is
a requirement?
It /used/ to be a requirement. Now the sanitization requirements
are more severe for DOD systems, e.g. degaussing or destruction.
Consult your local DAA for guidance.
The relevant DSS guidance can be found at (scroll down to Guidance):
<https://www.dss.mil/portal/ShowBinary/BEA Repository/
new_dss_internet/isp/odaa/odaa_links.html>
On Feb 22, 2008, at 4:58 PM, Allan Marcus wrote:
here's what I have so far:
Mac OS X has a number of options to securely erase a file, free
space, or a partition.
Please note, either of these methods may take hours. A laptop
should be plugged into
the power outlet when performing these operations.
To erase an entire partition, boot from a different disk or
partition (such as the
Install DVD) and use Disk Utilities. Select the partition to
erase, then select the
Erase tab, then click the Security Options and choose the 7-pass
erase option. This
option conforms to the DoD 5220.22-M specification.
<http://docs.info.apple.com/article.html?artnum=303462>
If you can get away with erasing just the file(s), throw the file
(s) into the trash
then empty the trash. Then erase the free space on the Mac. To
erase free space, use
Disk Utilities and select the Erase tab, then click the Erase Free
Space button and
choose the 7-pass erase of deleted files option.
Does this option conforms to the DoD 5220.22-M specification?
There is an option to Secure Empty Trash but that will only
securely delete the files
in the trash at that time. If files were previously deleted, only
the Erase Free Space
option will sanitize the disk. Also, I am trying to find out if
the Secure Empty
Trash conforms to DoD 5220.22-M. The command line program "srm"
can also delete a
specific file, and can use a 7-pass wipe (-m option), but I do not
know if this
command is DoD approved. Anyone know for sure?
---
Thanks,
Allan Marcus
505-667-5666
On Feb 22, 2008, at 2:52 PM, Allan Marcus wrote:
look at sherdit x
http://www.mireth.com/pub/sxme.html
---
Thanks,
Allan Marcus
505-667-5666
On Feb 19, 2008, at 7:52 PM, Dan O'Donnell wrote:
Disk Utility is useful, but diskutil has far more features,
including some
configuration of multipass secure erasure:
<http://developer.apple.com/documentation/Darwin/Reference/
ManPages/man8/dis
kutil.8.html>
However, some agencies require more than 1 but less than 7
secure erasures,
e.g. 3. This is not listed as an option in diskutil, and 7
passes is quite
time consuming. Does anybody know of an application that will
allow 3, or at
least a configurable number between 1 and 7?
---
Dan O'Donnell
ISSO
RAND Corporation
1776 Main St.
PO Box 2138
Santa Monica CA 90407-2138
310-393-0411 x6637
email@hidden
email@hidden
___________________________________________________________________
_______
This email message is for the sole use of the intended recipient
(s) and
may contain confidential information. Any unauthorized review, use,
disclosure or distribution is prohibited. If you are not the
intended
recipient, please contact the sender by reply email and destroy
all copies
of the original message.
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
40nasa.gov
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden