Solved Need HDDErase That will work with SATA ...

[Golden]

Hi Zapp,

Did you try SDELETE posted earlier?

Regards,
Golden

 

[zapp22]

as it turned out I did not need to. moving it to a smarter system and running secure erase enhanced did it.

 

[jimbo45]

Hi there
You need some utility that does a PHYSICAL WRITE of x'00' (Binary zero's) on EVERY SECTOR.
Formatting or even wiping a partition won't do as this simply alters the directory contents but doesn't destroy the data. (If you don't like X'00' just write random Hex data but it must be on every sector).

Think of typical OS formatting and erase commands as simply tearing the Index and Table of Contents from a Book -- you can still READ the entire book as the actual DATA hasn't been destroyed.


This utility (has Military Strength erase) is quite good and FREE.

Disk Wipe - Free software

Cheers
jimbo

Try using something like this.

 

[Scoop]

I've been reading about this topic and I learned about 2 areas of a SATA HDD that some disk-wipe tools won't access:

- Host Protected Area

- Drive Configuration Overlay

DBAN won't access those areas on a HDD according to their FAQ page.

I was reading about "HDDEerase" and according to their "readme" file, it will remove the HPA & DCO areas on a HDD.

I got interested in this subject after reading some online posts about malicious objects still being present on HDD's after running DBAN and some of the other well-known diskwipe tools.

Will the Diskpart / clean all command access / overwrite these areas?

 

[Britton30]

As I understand it, clean all writes zeroes to all disk sectors so it should do it.
The two areas you mention wouldn't have any personal data, would they?

 

[Scoop]

As I understand it, clean all writes zeroes to all disk sectors so it should do it.
The two areas you mention wouldn't have any personal data, would they?

Thanks for the reply

I don't have personal data in those areas of the HDD. I've been curious about the best wipe tool to use if I needed to clean an infected HDD in the future.

 

[Britton30]

You're welcome. I ran clean all on a, I think, a 320GB HDD once and it took about 3 hours.

 

[Scoop]

You're welcome. I ran clean all on a, I think, a 320GB HDD once and it took about 3 hours.

Thanks again

My HDD's are all Seagate "Barracuda" SATA HDD's with Win 7 default installs (2 partitions, the "Sys Reserved" and the main partition). I have 2 spare HDD's with one that I periodically clone as a tested working shelf spare HDD and the other one as a testing tool for full-disk backup/restore imaging.

If a complete HDD wipe was necessary, including the HPA and DCO, would a clone process copy the HPA and DCO back to the wiped HDD?

For example,

HDD #1 = the wiped HDD, using HDDErase, previously infected

HDD #2 = a verified working spare

if I cloned HDD #2 (Source HDD) to HDD #1 (Target HDD) with one of the various cloning tools (Clonezilla, etc), would HDD #2 then be restored, including the HPA and DCO, restoring it to a complete bootable HDD?

I'm assuming that this would work since the cloning process copies one HDD to another HDD as an exact bit-by-bit copy. That's my understanding of it. I'm not sure if cloning processes all work in the same way, regardless of the cloning tool. I use Acronis and Macrium Reflect to clone and have used Clonezilla a couple of times, all with good results with the Target HDD's booting up into Win 7 ok.

 

[Britton30]

Cloning HDD 2 to HDD 1 should work fine if HDD 2 has a working booting system already installed. A clone is an exact "twin" of the source drive and recreates it including all partitions.

 

[Scoop]

Cloning HDD 2 to HDD 1 should work fine if HDD 2 has a working booting system already installed. A clone is an exact "twin" of the source drive and recreates it including all partitions.

Thanks again for the reply

BTW, your avi and sig are

 

[Britton30]

Thanks Scoop, I didn't make either one.

 

[zapp22]

ickkkk

Both of these topics are really, really disconcerting. the first more so than the second

1. That's a good 'catch' about parts of the HDD that are not accessed by DBAN. really troubling. Pardon my paranoia, but it is true that the reach of "authorities" [and, more often, their contractees] in the Western world is literally out of control, and the odds are high that the media makers are accomodating them. Last time I checked, HDDErase had not been updated in a long time, and it is an old project that, because it was GOOD, would be a bit of a lightning-rod for intrusion by the spooks.
Bottom line is: thank you both for bringing the issue back to attention. Many of us are "exposed" because of what we do for a living and the fact that limitations on liability, bonding, etc are very fuzzy areas. If we commit to a client that their data will be "securely exterminated", then fail to do so.... you know the drill.

Secondly: just having a conversation with a dear friend "in the biz" with accountability for LEO, civil matters, etc. It does not take a lot of sophistication these days to implant "evidence" on someone's media, across "the wire", erase one's tracks completely, then alert "the authorities" to go sniff around. "Boom" - someone gets a visit or an injunction or a warrant, or whatever. If there are areas of media that are kept hidden from 99% of us and the tool coders, you can see where this leads. There are certain 'offences' these days that invite the mere accusation, and if the accusation is made, life "as we know it" ends for the accused.

it ain't paranoia if its real, and this is very real.

If anyone reads this and knows for CERTAIN of a tool that can do the job, on all sorts of media, I'd love to hear of it, but my assumption is that no one tool exists. the only hope is physical destruction to the point that no magnetization is reliable.

2. There are smarter people than me around here on the issue of "cloning". I've worked with all the 'best' tools and they all have flaws. If one uses it carefully [and its not terribly user-friendly], I vote for Paragon's tools. However... big caveat, unless you're doing massive replications where manual intervention is too costly, I'm finding fewer and fewer reasons to image-over one drive to another unless it is merely to gain space, and the media types are a match. Otherwise, there are always more reasons to NOT do so than to do so. Better to build the new from 'scratch' using a customized load, then restore data and apps as best one can

 

[Britton30]

You're absolutely right. I think the authorities have the reach because of their own paranoia, and just plain nosiness. With it they can catch the random grandmother who downloaded a song for a child and throw her in prison while leaving the real criminals to do their dirty work. I think the whole DMCA biz is so much crappola. That's thin ice so I'll stop.

I do know that a full format of a drive will not erase previous data and is easily recovered. There have been a few projects where college students have bought some "cleaned" used drive at a local PC junk shop and recovered passwords, account numbers, email accounts, and names.

 

[Scoop]

zapp22

That's an interesting viewpoint about the security issues. I hadn't considered that issue when I was reading about hidden and inaccessible (to some well-known HDD-wipe tools) partitions as I was mainly focusing on how best to insure a complete HDD erase/write-over with the goal to remove rootkit infections.

Regarding cloning, I'll agree to disagree (cloning vs re-installing the OS) but I think it's more of a question of what the user's goal is, with Cloning (or Imaging).

I use Cloning and Imaging tools to provide a complete verified (bootup tested) HDD spare in the event of problems, user errors (me), malware, or a HDD failure.

I agree that cloning tools can be confusing, depending on the tools. I've been cloning with "Acronis" (2011) for a couple of years with no issues encountered. All of my cloned HDD's have booted up and ran ok during tests.

I also use "Macrium Reflect" (free ver) and "Clonezilla" with the same results. Clonezilla can be tricky during the setup process but that's coming from my perspective as a novice. I like Macrium's setup screens.

I maintain a periodic cloning and imaging routine so that I can return an infected HDD to a working spare HDD. I've had a couple of past intrusions (malware/viruses) during the past 2-3 years where I cleaned the affected HDD and returned it to service without issue. It's my personal choice vs seeking online HDD-recover tools in the event of a malicious intrusion. It's faster for me to install my cloned HDD and then wipe the infected HDD, and then re-clone back to it as a shelf-ready spare HDD.


Britton30

I do agree with you about the intrusive issues (authorities, etc). I had to google "DMCA" and I'll do the same, leave it at that (but from what I can tell by reading your post, I'm on the same side )