Any way to wipe this drive?

[Guest]

I have a 120 GB hard drive that my RAID controller encountered an
error with, so I am trying to wipe it and return it to the
manufacturer. But when I use Copywipe to wipe it, Copywipe encounters
an error at 52%. It asks me if I want to continue, and I enter Y, but
then Copywipe freezes the system. So it looks like Copywipe will only
be able to wipe half the drive. Any way I can get past that error and
wipe the rest of it? Any other wiping software that can handle a bad
drive?

 

[Grinder]

I have a 120 GB hard drive that my RAID controller encountered an
error with, so I am trying to wipe it and return it to the
manufacturer. But when I use Copywipe to wipe it, Copywipe encounters
an error at 52%. It asks me if I want to continue, and I enter Y, but
then Copywipe freezes the system. So it looks like Copywipe will only
be able to wipe half the drive. Any way I can get past that error and
wipe the rest of it? Any other wiping software that can handle a bad
drive?

Probably not, but you can try dban.

 

[Paul]

I have a 120 GB hard drive that my RAID controller encountered an
error with, so I am trying to wipe it and return it to the
manufacturer. But when I use Copywipe to wipe it, Copywipe encounters
an error at 52%. It asks me if I want to continue, and I enter Y, but
then Copywipe freezes the system. So it looks like Copywipe will only
be able to wipe half the drive. Any way I can get past that error and
wipe the rest of it? Any other wiping software that can handle a bad
drive?

I found a manual.

http://www.docsdownloads.com/download/copywipe.pdf

Page 21 "Reverse Wiping Direction" sounds like a
possible solution.

There is also a "Pattern: Hardware" option which uses
the secure erase option built into modern IDE (not SCSI)
hard drives. But with bad sectors, I don't know how that
feature works. What will happen, if you try it, is you lose
communication with the drive, until the secure erase
runs to completion internally. If the secure erase
fails at the 52% mark, you might not get any other
opportunities to talk to the drive again. So
I'd reserve "Pattern: Hardware" for another day.

More information on the ATA/ATAPI built-in hardware
erase option can be found on this site.

http://cmrr.ucsd.edu/people/Hughes/SecureErase.shtml

Paul

 

[Guest]

I found a manual.

http://www.docsdownloads.com/download/copywipe.pdf

Page 21 "Reverse Wiping Direction" sounds like a
possible solution.

That will reverse directions on each pass, but if the first pass
always fails, then I won't ever wipe in the other direction.

There is also a "Pattern: Hardware" option which uses
the secure erase option built into modern IDE (not SCSI)
hard drives. But with bad sectors, I don't know how that
feature works. What will happen, if you try it, is you lose
communication with the drive, until the secure erase
runs to completion internally. If the secure erase
fails at the 52% mark, you might not get any other
opportunities to talk to the drive again. So
I'd reserve "Pattern: Hardware" for another day.

I tried it, and it said my hard drive does not support it.

 

[Calab]

I get freezes over the years (and in my previous thread here) for
various reasons, and I've never understood all these freezes.

All depends on the OP definition of "freezes".

I've seen HDD errors cause a system to become unresponsive while the system
tries to access a bad sector, and it can last for several minutes.

 

[Arno Wagner]

I have a 120 GB hard drive that my RAID controller encountered an
error with, so I am trying to wipe it and return it to the
manufacturer. But when I use Copywipe to wipe it, Copywipe encounters
an error at 52%. It asks me if I want to continue, and I enter Y, but
then Copywipe freezes the system. So it looks like Copywipe will only
be able to wipe half the drive. Any way I can get past that error and
wipe the rest of it? Any other wiping software that can handle a bad
drive?

You can use dd_rescuce under Linux. It will continue on errors
and it can be set to start at an offset. You can use it from
a knoppix CD for example (also allows you to only have the drive
to be wiped connected to the system to prevent accidents).

You may still have to skip over a lot of errors manually. In addition,
all the handling and postage fees and effort is probably not
worthwhile investing for a 120GB drive, unless it is a 10000rpm or
notebook drive.

Arno

 

[Rod Speed]

Hold the drive next to the magnet of a large stereo speaker for about 30 seconds.

Wont erase anything.

God could not reconstruct your data then.

Wouldnt need to, it will still be fine.

 

[Arno Wagner]

On Fri, 13 Jun 2008 06:59:35 -0700 (PDT),
"(e-mail address removed)" <[email protected]>
wrote:

Just send the drive in as-is. They could not allow anyone
to steal data off of drives as it would ruin their business,

I do not believe that. I have by now read of quite a few cases
where people got convicted because of things found on their
HDDs when they handed in their computer for repairs. I would
not be surprised if some HDD manufacturers actually where
running a specific content scanner on disks sent in for
repairs and perceive that as a public service. There also
have been several reports of repair shops harvesting contents
from customer's computers.

Arno

 

[DevilsPGD]

In message <[email protected]> Arno Wagner

I do not believe that. I have by now read of quite a few cases
where people got convicted because of things found on their
HDDs when they handed in their computer for repairs. I would
not be surprised if some HDD manufacturers actually where
running a specific content scanner on disks sent in for
repairs and perceive that as a public service. There also
have been several reports of repair shops harvesting contents
from customer's computers.

You snipped the "unless you have something illegal" and then argued as
though kony was giving bad advice due to the potential for getting
caught doing something illegal.

Consider the value of the drive vs the value of the content on the drive
and proceed accordingly.

A new 160GB drive can be purchased for around $50 brand new, so if you
have something illegal or private, something you'd pay $50 to not have
revealed, replace and destroy the drive and move on.

On the other hand, if you have Windows, pictures of your family
gathering, with a few angry letters to the editor and you don't care,
then wipe what you can and warranty the drive -- Recovering the drive
would take a pretty decent amount of time, money and effort which simply
isn't worth it on an ongoing basis.

Personally, I'd just write off the drive, it would probably cost more
then $50 of shipping, packaging, and hassle (time) then to risk
violating an NDA.

 

[Guest]

Probably not, but you can try dban.

I am running DBAN now, and after 4 hours, it has already completed 3
passes. After 4 hours, Copywipe had only completed 20% of the first
pass. And DBAN has an error counter that says 0. So that seems
strange.

I believe that DBAN will write all zeros for the last pass. After it
is done, is there any way for me to verify that it actually wiped the
drive, and that the drive has all zeros?

 

[Guest]

All depends on the OP definition of "freezes".

I've seen HDD errors cause a system to become unresponsive while the system
tries to access a bad sector, and it can last for several minutes.

I waited over an hour and the progress meter didn't move, hitting ESC
didn't do anything, and the computer started beeping as if the
keyboard buffer was full.

 

[Arno Wagner]

I am running DBAN now, and after 4 hours, it has already completed 3
passes. After 4 hours, Copywipe had only completed 20% of the first
pass. And DBAN has an error counter that says 0. So that seems
strange.

I believe that DBAN will write all zeros for the last pass. After it
is done, is there any way for me to verify that it actually wiped the
drive, and that the drive has all zeros?

Under Linux do:
cat <device> | hex

THis will list all non-zero areas and compress the lsiting for
zero areas into one line ach.

Arno

 

[Arno Wagner]

In message <[email protected]> Arno Wagner

You snipped the "unless you have something illegal" and then argued as
though kony was giving bad advice due to the potential for getting
caught doing something illegal.

I actually think that the illegality is not relevant. There is a
good possibility that the contents of your drive will be looked at.

Consider the value of the drive vs the value of the content on the drive
and proceed accordingly.

A new 160GB drive can be purchased for around $50 brand new, so if you
have something illegal or private, something you'd pay $50 to not have
revealed, replace and destroy the drive and move on.
INdeed.

On the other hand, if you have Windows, pictures of your family
gathering, with a few angry letters to the editor and you don't care,
then wipe what you can and warranty the drive -- Recovering the drive
would take a pretty decent amount of time, money and effort which simply
isn't worth it on an ongoing basis.

Personally, I'd just write off the drive, it would probably cost more
then $50 of shipping, packaging, and hassle (time) then to risk
violating an NDA.

I think I argued that way eralier in the thread already adn I agree
completely.

Arno

 

[Paul]

I am running DBAN now, and after 4 hours, it has already completed 3
passes. After 4 hours, Copywipe had only completed 20% of the first
pass. And DBAN has an error counter that says 0. So that seems
strange.

I believe that DBAN will write all zeros for the last pass. After it
is done, is there any way for me to verify that it actually wiped the
drive, and that the drive has all zeros?

If each sector contained nothing but zeros, then you'd have a slightly
easier time to verify the disk. For example, if the data was streamed
into a checksumming tool, then the end result should be a grand total
of zero. If some other programmatically created data pattern is used,
then you'd have to write a tool to verify that the pattern is reproduced.

If I was doing this verification project myself, and I couldn't find
a tool to automatically verify what was written, I might head to
Linux land. Writing programs to work on storage devices isn't that
hard - it really depends on how rusty you are, as to how long it would
take. And the program wouldn't necessarily have to be that long either.
As a friend at work would quip - "yup, that needs a three line program".

To give you a hint, at least in Windows land, there is a port of "dd".
Apparently "dd" can be instructed to copy to "standard out", so if
you piped the output into another Windows tool, like a checksum program,
you might just be able to compute a checksum over the entire data
stream. If the data on the sectors was supposed to be zero, then the
results should be zero.

http://www.chrysocome.net/dd

On my Windows disk, I have a small collection of GNU tools, such as
"coreutils", and in there, I have a copy of "sum.exe". Perhaps "dd"
could be piped into a copy of "sum" from coreutils.

Since "dd" is part of Linux as well, you could also use the same concept
with a Linux LiveCD. (Knoppix and Ubuntu can be booted from their
respective CDs, and you can keep a few small files on a removable
storage device, while working with them. The LiveCDs don't have to
be installed to a hard drive, to do useful work.)

My suspicion is, that DBAN doesn't leave zeros on the disk for all of
its erasing options. At least some of them will have used the
Mersenne Twister, to make random data. (I tried to find a nice manual
for DBAN, but all I found was text files of one sort and another.)
Your first task, might be to find a sector editor and look at just
a couple sectors, to see what kind of a mess you're dealing with.
(I.e. Whether sectors are zeroed, or contain random data.)

"dd" can also be used to write zeros to a drive. In fact, that is
what I've used it for recently, as a means of erasing the "front part"
of a disk drive. Using "/dev/zero" as a source of data, you can
instruct dd to transfer "/dev/zero" to the hard drive, which will
overwrite the drive with zeros. If you then streamed the data to
standard output and piped it to a checksum or to a "word count" program
such as "wc", then you can compute the checksum of all the data,
and also verify the byte count available from the drive. So
there are "toy" programs, and bits and pieces of solutions around.

To use "dd" in Linux to write zeros, this is what you do.

1) Boot Knoppix CD into Linux desktop.
2) Open a terminal window. Type

sudo dd if=/dev/zero of=/dev/sda bs=512 count=10000

That fills the first 10000 sectors with zeros. The command
syntax assumes /dev/sda is the disk to be hammered. Any time
I'm doing this kind of "surgery", only the disk to be hammered
is connected to the computer. Then, I can't possible make
a mistake with my selection of "/dev/sda" and hammer the
wrong drive. (That is one thing that worries me about using
the "dd" port in Windows - my boot drive would be a sitting
duck if I made a mistake typing in the command. Not so with
a Linux LiveCD, as the CD can't be erased.)

After your erasure pass is complete, then you could use dd
again, to read /dev/sda and pipe the output into checksum
or wc, to compute a checksum and to verify the total number
of bytes read, respectively. (A Linux/Unix guru can easily
improve on the above suggestions. I don't use this stuff
enough any more, to be good at it.)

Have fun,
Paul

 

[Grinder]

My suspicion is, that DBAN doesn't leave zeros on the disk for all of
its erasing options. At least some of them will have used the
Mersenne Twister, to make random data. (I tried to find a nice manual
for DBAN, but all I found was text files of one sort and another.)
Your first task, might be to find a sector editor and look at just
a couple sectors, to see what kind of a mess you're dealing with.
(I.e. Whether sectors are zeroed, or contain random data.)

Just a quick interjection: WinHex and Hex Workshop can edit physical (or
logical) drives directly. ie, they qualify as "sector editors."

 

[Rod Speed]

(e-mail address removed) wrote

I am running DBAN now, and after 4 hours, it has already completed 3
passes. After 4 hours, Copywipe had only completed 20% of the first
pass. And DBAN has an error counter that says 0. So that seems strange.

I believe that DBAN will write all zeros for the last pass.
After it is done, is there any way for me to verify that it
actually wiped the drive, and that the drive has all zeros?

Nope, particularly with the sectors that the drive has decided are too bad to use.
If they have something illegal in them, you can still get shafted because of that.

The only viable approach is to physically destroy the drive
if you do have something seriously illegal on that drive.

If you dont, the risk of someone getting some detail
like your credit card numbers etc off the drive is minimal.

 

[David Lesher]

Just send the drive in as-is. They could not allow anyone
to steal data off of drives as it would ruin their business,

I got a replacement laptop drive from Samsung. It had a complete NTFS
filesystem from someone in Brazil. [He liked Christina Aguilera...]

It failed within days; it would work only when cold. I got a third one
and it was empty...

 

[Rod Speed]

Of course it is relevant.

Based upon what?

Based on those caught when it has happened.

That you have no evidence to the contrary? But do
you have even one example of it ever happening?
Yep.

There is a clear expectation that if it ever did, it would
make waves around the internet for many years, you'd
get tired of reading about it over and over.

Pity it didnt when that happened.

There is an even better possiblity you are just being paranoid.

Nope, not when at least one has got caught when it happened.

What about those people who aren't doing anything
illegal and take their PC to a regular repair shop?
They too know it is *possible* some files on their
system could be looked at. What about when you
leave your house? It is *possible* someone could
take a picture of you. What about when you post
to usenet? It is *possible* someone could archive it.

Irrelevant if it isnt illegal.

There is a reasonable limit to how much effort one goes to, to
protect their privacy, when there are no examples of the situation
under which you are concerned having ever been a problem.

Only if you're as pig ignorant as you are.

There's probably even some pervs out there that deliberately
take nude pictures of themselves and put them on their PC
just for the tech to find. Come to think of it, would be
funny as heck if someone made TubGirl their wallpaper
before taking the system in. Gross, but still funny to
see the look on the repair shop's technician's face.

Lastly, consider just how many drives pass through
a hard drive manufacturer's doors for RMA. Do you
really think they don't monitor handling of these drives?
It's probably a pretty high security area given their
desire to prevent the things you speculate might happen,

Have fun explaining the Samsung drive someone else mentioned.

not to mention that anyone there intent on doing so would have
thousands upon thousands of drives to pick from, even if there
were no security at all do they really go to the effort of repairing
a damaged hard drive so they can snoop the files,

You aint established that they need to repair the drive, or that they wont
repair the drives that are repairable, and discover the illegal content.

or do they grab one of the piles and piles of drives
that still work if they're just in a nosey mood?

Or the repair a repairable drive or one with an
intermittent fault and discover the illegal content.

The whole thing is unrealistic at least.

Have fun explaining those who have got caught.

The risk of sending a damaged hard drive in for RMA replacement
is even close to the same risk as taking a PC to a repair shop,
handing your system over to the geek tech down the street,
or even throwing the drive away without wiping it first.

Some have got caught that way too.

If you want to go to extra measures out of paranoia where
there is no indication it is warranted, then by all means go
right ahead... we have no idea what is on your hard drive.

Yep, and for all you know it could be flagrantly illegal.

 

[Arno Wagner]

On 14 Jun 2008 09:05:02 GMT, Arno Wagner <[email protected]>
wrote:

Of course it is relevant.

Based upon what? That you have no evidence to the contrary?

Ine thing is personal communications (sorry). The story
about "Geek squad" even having servers in some locations
where emplyees would store things found on customer's
computers stands out. There are others I am too lazy to
look up.

But do you have even one example of it ever happening?
http://it.slashdot.org/article.pl?sid=07/07/06/1916207

There is a clear expectation that if it ever did, it would
make waves around the internet for many years, you'd get
tired of reading about it over and over.

I think the waves have been far smaller than that. For example
they doid not even reach you. I am also surprised that there
was not significantly more oytrage and mainstream discuussion
about this.

There is an even better possiblity you are just being
paranoid.

Sorry, but no. Not in this case.

What about those people who aren't doing anything
illegal and take their PC to a regular repair shop? They
too know it is *possible* some files on their system could
be looked at.

It seems that it is likely. ''Possible'' does not concern me.

What about when you leave your house? It is
*possible* someone could take a picture of you. What about
when you post to usenet? It is *possible* someone could
archive it. There is a reasonable limit to how much effort
one goes to, to protect their privacy, when there are no
examples of the situation under which you are concerned
having ever been a problem.

There's probably even some pervs out there that deliberately
take nude pictures of themselves and put them on their PC
just for the tech to find. Come to think of it, would be
funny as heck if someone made TubGirl their wallpaper before
taking the system in. Gross, but still funny to see the
look on the repair shop's technician's face.

Lastly, consider just how many drives pass through a hard
drive manufacturer's doors for RMA. Do you really think
they don't monitor handling of these drives? It's probably
a pretty high security area given their desire to prevent
the things you speculate might happen, not to mention that
anyone there intent on doing so would have thousands upon
thousands of drives to pick from, even if there were no
security at all do they really go to the effort of repairing
a damaged hard drive so they can snoop the files, or do they
grab one of the piles and piles of drives that still work if
they're just in a nosey mood?

Well, I actually do think the risks from HDD are relatively
low, unless there is organized scanning to aid law enforcement.
So I would say: No illegal stuff -- Warranty return to the
manufacturer is safe. But that is a personal opinion.

The whole thing is unrealistic at least. The risk of
sending a damaged hard drive in for RMA replacement is even
close to the same risk as taking a PC to a repair shop,
handing your system over to the geek tech down the street,
or even throwing the drive away without wiping it first.

Ah, maybe you say something else here than you indetded to?
The risk of the repair shop has been demonstrated and may be
pretty high. The HDD manufacturer risk should be low, I think.

If you want to go to extra measures out of paranoia where
there is no indication it is warranted, then by all means go
right ahead... we have no idea what is on your hard drive.

Read the story I linked. Should open your eyes.

Arno

 

[Arno Wagner]

On 14 Jun 2008 04:09:44 GMT, Arno Wagner <[email protected]>
wrote:

1) You have heard of snooping techs at some repair shop,
not one of the hard drive manufacturers pulling data off to
scrutinize what it was.

2) As I wrote above, but that you snipped out, if something

What is you beef with me shortening postings? Don't you have a
newsreader that shows the full history? I do this purely to
make things easier to read. The old, full posting is there.
I hide nothing by quoting selectively the parts that I want
to comment on.

Incidentially, netiquete recommends shortening postings in
relpies to the parts you reply to.

Arno