Cyber Security Awareness Month - Day 16 - Securing a donated computer
Day 16 ends week two of the Cyber Security Awareness Month. If you happen to get a computer that was donated to you, it is important to trust the software that is installed on it.
Formatting a computer does not erase the data. Before using the computer, it is recommended to completely wipe the hard drive and install from trusted medias. These two programs can be used to wipe a drive: WipeDrive (commercial only) and Active @ KillDisk (free and commercial). If you are familiar with Linux, you can also use dd or cp with /dev/zero or /dev/urandom.
Note that WipeDrive SystemSaver can wipe the data and keep the operating system intact but it cost $39.95.
Wiping with dd or Linux copy (free solution)
Boot with a Linux CD/DVD and one of these methods can be used to wipe a drive:
- cp /dev/zero /dev/hda or cp /dev/zero /dev/sda
- dd if=/dev/urandom of=/dev/hda or dd if=/dev/urandom of=/dev/sda
- dd if=/dev/zero of=/dev/hda or dd if=/dev/zero of=/dev/sda
The final step is to reinstall the operating system and all your favorite software from trusted clean medias.
If you know other method for wiping clean a donated computer, you can share them via our contact form.
Update 1: Eraser is a tool for Windows to remove sensitive data from a drive and Terence indicated that Seagate's Seatools can be used overwrite a drive with zeros.
-----------
Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot org
Le cours "Comprehensive Packet Analysis" sera disponible en français à Québec le 5 nov 2010
FOR 558: Network Forensics coming to Toronto, ON in Nov 2010
Comments
PHolder
Oct 16th 2010
1 decade ago
Matt
Oct 16th 2010
1 decade ago
Steve
Oct 16th 2010
1 decade ago
Steve
Oct 16th 2010
1 decade ago
If you just delete the partition and install the O/S, there's nothing that can "leak" through from the previous system. So, there's really no reason to wipe it more thoroughly.
doj8
Oct 16th 2010
1 decade ago
A fresh OS and software install is the best, most os installers can delete/repartition/format just make sure you let it do so.
Now if you suspect illegal data which could be forensically recovered and put you in suspicion, then wipe. One of the RescueCD tools is MHDD which can be used for ATA spec erase. The ATA security commands can sometimes be blocked by BIOS, but DBAN will still work but slower.
Scott H
Oct 16th 2010
1 decade ago
Moriah
Oct 16th 2010
1 decade ago
I've been stunned at the condition of some donated computers we get, anywhere from hardware-filthy to software-filthy. I usually boot into the OS out of curiosity or to check devices. I've found unsecured accounts with company documents (which I did not touch) and once got a donation that was crawling with malware.
I am very grateful to people/companies who choose to donate instead of toss old computers. I just wish that they'd sanitize first. Not only do they protect themselves, but it's also usually a *volunteer* working on a donated computer, and they don't have all the spare time in the world.
sb
Oct 18th 2010
1 decade ago
doj8
Oct 19th 2010
1 decade ago