Mersenne Twister PRNG question in relation to DBAN

A

Anonymous

Guest
Hi all,

A hypothetical question here - as I am trying to understand how this program works, exactly. If you were to use the standards from that German security paper, and run DBAN 1.0.1 (bundled with Eraser 5.7), and overwrite a modern IDE hard drive with 33 passes of Mersenne Twister PRNG, how irrecoverable would the data be? I am asking because I have read other posts on this forum in relation to the relative insecurity of Mersenne Twister as a Number Generator. Am I also correct in assuming that the D0D 7 pass wipe and the Guttman 35 pass wipe are inferior to even Mersenne Twister PRNG, at least on modern hard drives?
Much appreciate any help on this matter!
 

Gralfus

Member
As has been beat to death repeatedly, one pass using any method will render the data unrecoverable by any known method. When a section of a drive has been used over and over, what data will be recovered from it? The first data, the second, ...a mishmash of all of it? Practical recovery is impossible. A bit here and there is not useable information.

The theories you are referring to rely on there never having been any data written to the drive previously, specific data being stored at specific places on the drive, then erasing the drive and seeing if that specific data could be recovered. That is the only time you stand a chance of recovering after a single pass, because you know what data "should" be there to begin with. Magnetic microscopy is still sci-fi unless the data was already known, and the exact location of every bit was previously known.
 

Anonymous0

New Member
Gralfus said:
As has been beat to death repeatedly, one pass using any method will render the data unrecoverable by any known method. When a section of a drive has been used over and over, what data will be recovered from it? The first data, the second, ...a mishmash of all of it? Practical recovery is impossible. A bit here and there is not useable information.

The theories you are referring to rely on there never having been any data written to the drive previously, specific data being stored at specific places on the drive, then erasing the drive and seeing if that specific data could be recovered. That is the only time you stand a chance of recovering after a single pass, because you know what data "should" be there to begin with. Magnetic microscopy is still sci-fi unless the data was already known, and the exact location of every bit was previously known.
Complete Nonsense!
 

Gralfus

Member
The burden of proof lies with you, oh wise one. Show me the evidence.
 
A

Anonymous

Guest
Provided that you have already have read posts throughout this forum concerning this subject, you will have undoubtedly come to certain conclusions:

1) provided that you have a "modern" HD (that is, a computer made from the year 2000 onwards).
And,
2) have actually read the previous posts pertinent to this subject on this forum concerning wiping schemes

Using the PRNG stream is the only suitable method (save physically destroying the HD) to use for modern HD's. I suggest repeating the PRNG stream at least 12 times (but no more than 15). Although the psuedo-random number generator (PRNG) used in DBAN isn't the tightest (Mersenne vs. ISAAC) around; on a modern HD, using the PRNG stream at say, 12 rounds is "probably" just as secure as the Gutmann method. I say "probably" in that no wiping method is superior to a determined foe who is bent on recovering sensitive info from your HD (say that "certain" federal law enforcement agency).

Per your post: use the PRNG stream at 15 rounds, with the option set to verify each round. That should do you. If you're REALLY paranoid, physically destroy your HD. BDAN isn't a miracle cure, only a treatment for specific ailments.
 
A

Anonymous

Guest
DBAN1.0.4

I'm assuming that you'll be using the latest version of DBAN (Derik's Boot and Nuke), which is version 1.0.4 (as it stands on March 25th, 2005). For your convenience, the direct link is: http://dban.sourceforge.net/

When in doubt...Nuke it!!!
 
A

Anonymous

Guest
DBAN1.0.4

I'm assuming that you'll be using the latest version of DBAN (Derik's Boot and Nuke), which is version 1.0.4 (as it stands on March 25th, 2005). For your convenience, the direct link is: http://dban.sourceforge.net/

When in doubt...Nuke it!!!
 

HisPetsMaster

New Member
got a question on this...

I know that the PRNG used for dban isn't crypto lvl secure, this in general does not bother me.

What I would like though, is for those circumstances where I do need a very high lvl of security added, that we have the added option of choosing BBS or something similar, and even more pertinent, an option that allows you to do a pass with each implemented PRNG's.

Also, and this is a second question or request, what about using the hardware RNG in the via chips? can this be automatically detected and available when it is present?

if already present then this is a question of how to use it, if not it is then a request.
 

dajhorn

Member
I know that the PRNG used for dban isn't crypto lvl secure, this in general does not bother me.
Additional PRNGs might appear in the dban-1.1.0 release.

Also, and this is a second question or request, what about using the hardware RNG in the via chips? can this be automatically detected and available when it is present?
Using an onboard RNG requires a driver, but the DBAN image has tight storage. The necessary drivers will likely be added when DBAN is shipped in a DMF image or when I decide to remove something like MCA support.
 

HisPetsMaster

New Member
dajhorn said:
I know that the PRNG used for dban isn't crypto lvl secure, this in general does not bother me.
Additional PRNGs might appear in the dban-1.1.0 release.

Also, and this is a second question or request, what about using the hardware RNG in the via chips? can this be automatically detected and available when it is present?
Using an onboard RNG requires a driver, but the DBAN image has tight storage. The necessary drivers will likely be added when DBAN is shipped in a DMF image or when I decide to remove something like MCA support.
ok, kewl, thanks for the information.
 
Top