How much time for a very quick run?

A

Anonymous

Guest
Hi, I understand (I guess...) that the purpose of Dban is a full and safe erasing of all data fisically stored on hard drives and that this takes the time that is needed.
My question is, if I boot from the floppy, type "quick" at the prompt and stop the program by unplugging the power cable after a few seconds (lets say less than a minute), are the content of partitions on my hard drives still visible if the devices are connected to a computer which uses explorer.exe as tool for data mining? I know my data are still on the disks but are someway hidden at a very very simple attempt to check the content of the drives?

Thanks for any advice and for this program.
 

dajhorn

Member
Do not rely upon the behavior of an incomplete wipe, always let DBAN finish one pass.

If the disk has only one partition, then the filesystem will be hosed within seconds of starting DBAN because the FAT (or MFT) will be near the front of the disk.
 
A

Anonymous

Guest
Thanks for reply.
Having 2 disks with 5 partitions, is there a way to have Dban delete the FAT of partitions first and then proceed with the phisycal wiping of whole disks?
Thanks
 
A

Anonymous

Guest
Additional wishes. =)

dajhorn said:
Not yet. Trashing filesystems is on the wishlist.
Here's my partial wishlist:

1. Wipe filesystem (FAT, NTFS, Linux?) only with options for variations. Example: Wipe filesystem and directories with PRNG 10 times, then quit.

2. Combine that with wiping the rest of the data in any style.

Example of 1+2 = Wipe filesystems with PRNG 20 times, then wipe rest of data 2 times.

Question: Filesystem wipe should be relatively quick, correct?

Another wishlist: wipe drive every number of sectors, example: wipe drive for 1 kilobyte every megabyte. Purpose is to quick nuke encrypted filesystems. Encrypted data usually needs the entire file, but wiping parts of it can render the entire system unusable. If I have two minutes to wipe my drive, this is what I would do short of getting my hammer and pound the thing, (as the cops running in my door, as an example only; watch movies Enemy of the State and Conspiracy Theory, hehehe.)

Modified filewipe wish: wipe first 2k of files in a normal filesystem. (this may be a suggestion better for the Eraser windows program.) Since many files will not function when the first few bytes are altered, such as zip files, rar files, even documents such as word docs or excel files, most probably a quick kill function such as this may prove useful for the average user who is not super-duper-three letter org paranoid. I just want something that quickly nukes my drive in 10 seconds or something. I have actually created a small program to do this (one file at a time.) You zero out the first 2000 bytes of a wav, mov, mpeg, jpeg, avi, and most people will never be able to view it.

Variation filewipe wish: wipe every other 20k of the file or something like that. Same reasoning. Merely corrupts the file.


if filesystem unable to determine, then
wipe first 100 megabytes, 1 pass, = kills filesystem in 2 seconds.
wipe last 100 megabytes, 1 pass = kills maybe backup filesystem, norton index?

Windows XP allows for some programs to perform boot stuff. Example is PerfectDisk offline boot defragmentation. Could there be a Windows XP Boot Nuke operation that does what I want? Basically, here is how I want it to work:

1. initiate reboot and nuke. assuming confirmed (dangerous if not)
2. schedules a wipe on reboot.
3. reboots (shuts down everything.)
4. on reboot, begins wiping all filesystems. (1 or 2 seconds)
5. wipes end of the drive. (1 or 2 seconds)
6. wipes from beginning to end. (1 or 2 hours)

These 3rd party defraggers could do the job if they were programmed to write zeros instead of moving the pagefile, directories, etc.
 

dajhorn

Member
1. Wipe filesystem (FAT, NTFS, Linux?) only with options for variations. Example: Wipe filesystem and directories with PRNG 10 times, then quit.
Identifying NTFS objects would require a partial filesystem implementation. The NTFS driver that is already in Linux is too large for the DBAN floppy disk, and the native NTFS driver ("captive-ntfs") is 2 megabytes by itself.

2. Combine that with wiping the rest of the data in any style.
You need to motivate this feature request because it will add complexity to the method code.

Another wishlist: wipe drive every number of sectors, example: wipe drive for 1 kilobyte every megabyte. Purpose is to quick nuke encrypted filesystems.
Again, this requires intimate knowledge of the NTFS filesystem.

Furthermore, my instinct is that this will provide false security. Would trashing the MFT be just as effective?

Could there be a Windows XP Boot Nuke operation that does what I want?
Yes.

DBAN can be started with loadlin under Windows 95/98/ME, and I am trying to package it for ntloader under Windows NT/2000/XP. (ie: To inject DBAN into systems to which you do not have easy physical access.)

If I have two minutes to wipe my drive, this is what I would do short of getting my hammer and pound the thing, (as the cops running in my door, as an example only; watch movies Enemy of the State and Conspiracy Theory, hehehe.)
It is entertaining to imagine a person rushing to start a computer with DBAN as law enforcement officers raid their household, but a better defense is to run a fully encrypted filesystem. I figure that LEO can storm and secure your premises in less time than you would require to start DBAN.
 
A

Anonymous

Guest
Could there be a Windows XP Boot Nuke operation that does what I want?
Yes.

DBAN can be started with loadlin under Windows 95/98/ME, and I am trying to package it for ntloader under Windows NT/2000/XP. (ie: To inject DBAN into systems to which you do not have easy physical access.)
Well, I wouldn't mind having, for example, dual boot configuration (WinXP and DBAN's Linux) with the only purpose of the other config to nuke the hard drive. You know what, nevermind, it is probably too much work for you, and you already make an excellent boot floppy. I just prefer not using floppies or CD-Rs if possible. But then that would be more work to get it to operate from Windows. Or wait, is that what NTLOADER is supposed to do? Is it possible to nuke the active NT/2K/XP partition? Just click on "shortcut to nuke me" or something like that and poof!



It is entertaining to imagine a person rushing to start a computer with DBAN as law enforcement officers raid their household, but a better defense is to run a fully encrypted filesystem. I figure that LEO can storm and secure your premises in less time than you would require to start DBAN.
Hmmm, I was hoping it wasn't that bad,.. err, i mean, they're not that fast. LEO may be able to have me surrounded, but they'd still need more than 2 minutes to get into the room with the computer. I might as well just shoot the hard drive, heh.

My other "solution" is to use something like PGPDisk on the data, but not the entire drive, just part of it, then nuke that volume. I wager a single PRNG overwrite on the unmounted PGPDisk would render it useless to LEO.
 

dajhorn

Member
Or wait, is that what NTLOADER is supposed to do? Is it possible to nuke the active NT/2K/XP partition? Just click on "shortcut to nuke me" or something like that and poof!
Yes, that is the idea. (This feature will happen sooner if it is sponsored.)

My other "solution" is to use something like PGPDisk on the data, but not the entire drive, just part of it, then nuke that volume. I wager a single PRNG overwrite on the unmounted PGPDisk would render it useless to LEO.
Using encrypted volumes are the best way to minimize risk. Put lots of memory into the computer and disable the swap file, and mount your home directory on an encrypted volume.
 
A

Anonymous

Guest
Using encrypted volumes are the best way to minimize risk. Put lots of memory into the computer and disable the swap file, and mount your home directory on an encrypted volume.
What are some encryption programs that support mounting the windows home directory on such a volume? Also why would I need to disable the paging file if it is encrypting the whole volume? Thanks
 
A

Anonymous

Guest
Paging and Swapping are two different things. They are rather closely related, but it's very possible to disable swap without disabling paging.

Paging: Breaking memory up into managable "pages" which can be moved around. (Not necessarily to disk. Just around.)

Swap: Moving pages of memory to a secondary storage medium, in essence creating the illusion of more memory at the expense of overhead in load time.
 
A

Anonymous

Guest
Paging != Swapping.

Paging and Swapping are two different things. They are rather closely related, but it's very possible to disable swap without disabling paging.

Paging: Breaking memory up into managable "pages" which can be moved around. (Not necessarily to disk. Just around.)

Swap: Moving pages of memory to a secondary storage medium, in essence creating the illusion of more memory at the expense of overhead in load time.
 
Top