Admins Arsenal: DBAN

Ever buy a used hard drive on eBay or Craigslist? Ever look to see if there was any data on it? I have, and let me tell you, it is downright scary what people will leave on HDDs when they sell them as used. I recently purchased 12 used 250 GB SATA HDDs from eBay for a NAS project I was working on, and of those 12, 9 of them had not been so much as formatted.
Of those 9, all but one had data that would have been usable for identity theft: files with credit card information, copies of bills, saved email that had account information, not to mention the astounding number of ummm, not safe for work pictures taken by (or of) the former owners. In all cases I could have contacted the former owner, as on all 9 drives I found current addresses and phone numbers for the former owners.
This is 2009; I would have thought that by now better than 25% of people selling used hard drives would know better.
As an IT Professional, I get used computers all the time (for some reason everyone I work with thinks I need every used machine I can get my hands on, especially if it has a “Designed for Windows 95!” sticker on it!). The ratio of these HDDs that I get with data still on them is more like 95%. It’s easy to format a HDD, until you get one that just won’t format. Mostly the ones I’ve seen this on were disks that I installed an obscure Linux distro on, and then for whatever reason decided to install Windows on. The Microsoft format tools are not always capable of handling partitions like this, which is where DBAN comes in.
Darik’s Boot And Nuke (or DBAN) is a self-contained boot disk that securely wipes the hard disks of most computers. DBAN will automatically and completely delete the contents of any hard disk that it can detect, which makes it an appropriate utility for bulk or emergency data destruction.
One of the really great things about DBAN is that it can run from a floppy, or be burned to a bootable CD, which means it can be used on almost any computer. Better than that, DBAN has many options for how it wipes the disk, ranging from the single-pass “autonuke” to the 35-pass random data Gutmann method, and of course DBAN also lets users define their own number of passes.
In short, DBAN excels at destroying all data on a hard disk. You can find more information on DBAN here.


June 17, 2009 - 7:29 am
I loved this line:
“As an IT Professional, I get used computers all the time (for some reason everyone I work with thinks I need every used machine I can get my hands on, especially if it has a “Designed for Windows 95!” sticker on it!).”
I feel the exact same way. I just thought it was pretty funny that all IT Professionals seem to get treated the same.
Karl L. Gechlik | AskTheAdmin.com Reply:
June 17th, 2009 at 9:40 am
Yup I just cleaned out all my NT, Windows 9x, Windows ME machines as well as the older 2000 machines that can not be upgraded.
When I say cleaned out I mean formatted, reinstalled the OS and gave them away to local people/groups.
J.M.A. Daily Reply:
June 17th, 2009 at 9:51 am
You are a lot better than me, because I do not take the time to be charitable. However, I think you have just inspired me to do something similar with my “junk” machines. I guess I can have a heart once in a while.
Great tool by the way.
Joe Glessner Reply:
June 17th, 2009 at 10:15 am
I usually refurb old machines (I can usually go at least 2:1 with machines), throw Ubuntu and Open Office on them (unless they have an XP COA on them – RARE!), and post them on Craigslist as free to verified students.
You’d be surprised at how many actual high school students respond, and then act like you just gave them a car!
Better than letting some recycling company profit from them.
Karl L. Gechlik | AskTheAdmin.com Reply:
June 18th, 2009 at 9:57 am
That is an awesome way to give back to the community. People must love you! And to think I was stock piling this crap for so long and then sold them for a couple hundred bucks! LOL
Karl L. Gechlik | AskTheAdmin.com Reply:
June 18th, 2009 at 9:58 am
I love seeing an IT person see the light towards helping people! Great job Joe!
June 17, 2009 - 8:18 am
So, essentially, I need to go to Ebay, buy some hard drives and I’ll soon be rich (or in prison).
Of course I’m making light of a very serious situation.
While not an IT Pro, in the past year I’ve had 6 computers, in various working conditions, given to me. EVERY ONE of them have been full of people’s private data. As you said, this is 2009, and it makes me wonder how people cannot know, by now, that they need to delete at least their personal info, if not the entire drive.
On a separate subject, if you happen to have any Dimension 3000 parts laying around, I need them.
Karl L. Gechlik | AskTheAdmin.com Reply:
June 17th, 2009 at 9:38 am
What do you need? I have several machines destined for the junk yard downstairs that are dimension 3000 but chances are they are all flucked up.
Mark Reply:
June 18th, 2009 at 11:35 am
Thanks, Karl.
Actually, the most important stuff I need is cosmetic, I need the 2 plastic front bezels, mostly. The front need not have an open Floppy drive slot because I’ve eliminated the floppy from my machine and thrown it as far as I physically can. On the other hand, if it were to have the sloppy flot, it won’t ruin my day. Just getting it, at all, would tickle me to pieces.
If I could also get my paws on a hard drive tray, it would be great. The machine I have was only outfitted with a single drive and I’d like the option of adding another reasonable-size drive in lieu of only installing a single huge drive. Maybe, when one of them crashes, I’ll still have something left of the data stored.
Finally, if you thought there was a functional MoBo in the mix, I’d welcome having it around for when I fry the one I have. If not, I’m already looking at aftermarket options, as crazy as it may seem.
But Karl, I’ll tell you the serious truth, I will be glad to send you the price of what you feel your stuff is worth plus shipping costs for whatever you have related to the 3000. If you will shoot me a private Email, there is something I’d like to show you. What is more, please feel free to edit this reply in any way you desire.
Thanks, again.
Mark
June 17, 2009 - 9:41 am
Awesome Post Joe. And how true this is. I have received upwards of 30 machines in the last year and all of them except for the ones with smoldering hard drives have had personal information on them.
People then wonder how someone stole their identity! Hello! It is 2009 guys wake up and smell the identity fraud :)
June 17, 2009 - 6:20 pm
Karl,
This is an awesome utility. I’ve been looking for something like this opensource. Thank you very much, Kerry
June 18, 2009 - 12:10 am
Active@ Kill Disk is in the same league
http://www.killdisk.com/
Karl Reply:
June 18th, 2009 at 9:55 am
Same league? But isn’t DBAN the industry standard? Which do you prefer to use Molly?
Molly Reply:
June 18th, 2009 at 2:50 pm
i don’t think there’s such a thing as an ‘industry standard’. most countries/organisations do have their own security standards, a software either matches those requirements or it doesn’t :)
and i’m using both DBAN and KillDisk Pro. they do the job, KillDisk is around a bit longer than DBAN.
imho, no disk, wiped with either program, would stand a chance in a high level forensic examination. if you dump an old hard disk, take it apart and shatter the disks. just to be sure to be sure :)
JoeG Reply:
June 18th, 2009 at 3:39 pm
If by “high level forensic examination” you mean “single needle magnetic resonance recovery scanning”, there is a good possibility that any data stored on the disk in a stationary position for a long period of time might be recoverable.
Outside of that, I would have to say that the data is likely not coming back (and honestly if people that can fund that kind of forensics are after your data, there are much easier, and cheaper ways to get it).
In fact I would go so far as to say that if a disk were wiped with DBAN (using the DoD compliant method), there is not a single commercial data recovery firm that could get that data back, and I would be willing to pay for the recovery if they could. Now if someone seriously wants to take me up on that, I will have some requirements about verifying that the data was wiped (I’ll need to be present for the wipe).
I’ve worked closely with data recovery services many times over the years (as recently as last October), and know what they are capable of. Most commercial data recovery companies would be hard pressed to get back data wiped with a single all zero write pass.
That said, certain nameless government agencies have specific requirements for physical destruction of used hard disks, because hostile foreign governments could probably fund the previously mentioned single needle magnetic resonance recovery scanning, and even the possibility is worth the extra effort.
Molly Reply:
June 19th, 2009 at 5:12 am
i couldn’t agree more.
however, the awareness of data security, or rather the lack thereof is mind boggling.
what you can find dumped on landfill sites is a disgrace. it makes the odd scandal of some public servants losing their laptop look like a joke.
running one of the above programs over a disk you’re planning to dispose of or give away is the least you can do. personally i prefer to destroy the disk physically, for good measure.
but then, how many of us are taking email/IM encryption serious? (imagine the drain on the budget of said nameless or TLA agencies, if we did :)
October 23, 2009 - 11:23 am
I always carry with me 2 CDs… DBAN and BARTPE. There’s no better way to do it, unless you want to disassemble the drives and use carbon grinders on those plates and reduce them to dust.
BTW This is way safer than toying around with thermite, even if it lacks the glitz.
February 5, 2010 - 1:25 pm
Nice post on DBAN and I too see this all the time. I personally use the tools on PartedMagic from USB key. They supply DD and other great disk tools. It can be burned to CD or if you have about 100MB free on a USB key it can be placed on it without data loss. Also I’m not affiliated with them, just a fan.
http://www.partedmagic.com