Silk Road forums
Discussion => Security => Topic started by: P2P on August 05, 2013, 01:27 am
-
Can DBAN be operated from a USB stick instead of CD/DVD? Also, does anyone have an approximate time frame for the gutmann to complete? Assume a half TB harddrive. Also, if one has a USB stick in one's comp while running DBAN, does DBAN wipe the USB as well? According to their page, DBAN wipes every drive it can get its hands on, so I was wondering if I could simply plug in a couple USBs to kill a few birds with one stone. The USBs in question are TC encrypted; is this ok, or should I format/decrypt before DBANing?
And one more question: Does DBAN destroy any and all malware? Or are there certain forms it would not catch?
-
I don't use DBAN. I just copied Debian Wheezy to a USB drive, and anything I want to delete I run install on it and enable LUKS encryption which automatically wipes the partitions with random data and then encrypts the disk with an impossible never remember again gigantic password. One it's finished, it's nuked properly: both wiped and encrypted. Secure Erase is also a good program because it kills bad sectors and hidden areas not accessible by linux unless you know how to debug the firmware through JTAG and wipe everything.
You can also burn Wheezy to CD and if you have USB's plugged in Debian installer will see them. Include them as crypto partitions to be wiped too.
There's also tricks you can do to fool forensic investigators, watch this though it's advanced info it's interesting
http://youtu.be/ijyAwxH_iok
-
I don't use DBAN. I just copied Debian Wheezy to a USB drive, and anything I want to delete I run install on it and enable LUKS encryption which automatically wipes the partitions with random data and then encrypts the disk with an impossible never remember again gigantic password. One it's finished, it's nuked properly: both wiped and encrypted. Secure Erase is also a good program because it kills bad sectors and hidden areas not accessible by linux unless you know how to debug the firmware through JTAG and wipe everything.
You can also burn Wheezy to CD and if you have USB's plugged in Debian installer will see them. Include them as crypto partitions to be wiped too.
There's also tricks you can do to fool forensic investigators, watch this though it's advanced info it's interesting
http://youtu.be/ijyAwxH_iok
So:
1. Download Debian Wheezy to a USB
2. Shut down
3. Restart, booting from the Wheezy USB
4. Enable LUKS encryption and include USBs as crypto-partition (how do I do this?)
I am also not sure how to open a USB through tails. I usually just open TC encrypted USBs on tails, but never a regular, non-encrypted USB. Usually, on Windows, the USB will simply appear on the file system after it is plugged in. This is not the case with tails. How do I find the plugged in USB stick on the file system?
-
You can also load up a linux live CD and enter:
dd if=/dev/urandom of=/dev/sdb bs=1M to nuke the USB drive.
While in linux, (or tails) plug in USB drive you want to wipe and open terminal and type "dmesg" it should be the last entry, usually /dev/sdb or something.
Enter in terminal: dd if=/dev/urandom of=/dev/sdb bs=1M and it wipes the drive, though the installer is sometimes easier because you encrypt it afterwards with an impossible password using GUI if you don't know the terminal commands. /dev/sda is usually your HDD in linux, don't wipe that unless you want too.
-
You can also load up a linux live CD and enter:
dd if=/dev/urandom of=/dev/sdb bs=1M to nuke the USB drive.
While in linux, (or tails) plug in USB drive you want to wipe and open terminal and type "dmesg" it should be the last entry, usually /dev/sdb or something.
Enter in terminal: dd if=/dev/urandom of=/dev/sdb bs=1M and it wipes the drive, though the installer is sometimes easier because you encrypt it afterwards with an impossible password using GUI if you don't know the terminal commands. /dev/sda is usually your HDD in linux, don't wipe that unless you want too.
I would prefer a GUI if possible. Where is the installer? Do you have a link?
Also, concerning the last command you wrote (Enter in terminal: dd if=/dev/urandom of=/dev/sdb bs=1M and it wipes the drive), if I am using a tails USB, it won't wipe the tails USB as well, will it? The USB is needed to run the OS, which is needed to run the wipe. Wiping the USB performing the wipe sounds like it would generate a black hole to another dimension.
By the way, would you mind breaking down that command for me? I am interested in specifically what it is saying.
Dumb down your answers as much as possible. I have no LINUX experience whatsoever (beyond using tails).
-
By the way, how is this superior to just running DBAN? I am mainly just wondering if I can run DBAN from a USB by booting from the USB. The problem is that DBAN seems to only be specifically for CD and DVD (same with Wheezy, as I just saw on its download page). If I want to use a USB, can I just download, say, the CD download onto a USB and boot from the USB? Or will this not work because the download is made specifically for a CD only?
-
I just wiped a USB drive I had lying around, I'm running Gentoo.
Used that above command in terminal, it filled the entire drive with random garbage and nuked it.
If you're using windows and want to load DBAN on a usb:
http://www.pendrivelinux.com/install-dban-to-a-usb-flash-drive-using-windows/
You can use debian installer to create an entire USB as a LVM crypto volume, and then wipe it completely. It will show up under 'partition disks' just select the correct one. It will show make/brand/size. Mine showed up as maxwell 2GB USB and the other USB as Ironkey 1G.
-
Why not just use a simple eraser program?
With the way USBs work, they tend to damage and corrupt faster than hard-drives. DBAN also takes forever, and overwrites far more times than necessary. The NSA only uses 4 passes, and it's claimed that only ONE overwrite is needed.
Just use an Eraser or Bleachbit which do about 1 overwrite.
-
This may be a stupid question: the OS (Win) is still fully functional after DBAN, correct?
-
This may be a stupid question: the OS (Win) is still fully functional after DBAN, correct?
Absolutely; if you select just the USB drive to DBAN, the other harddisks are unaffected. Everything on the USB drive will be erased, however (including any OS on it).
If you mean will you be able to still use it, yes. You will just have to format it to whatever file system your computer can read and write to.
-
You can also load up a linux live CD and enter:
dd if=/dev/urandom of=/dev/sdb bs=1M to nuke the USB drive.
While in linux, (or tails) plug in USB drive you want to wipe and open terminal and type "dmesg" it should be the last entry, usually /dev/sdb or something.
Enter in terminal: dd if=/dev/urandom of=/dev/sdb bs=1M and it wipes the drive, though the installer is sometimes easier because you encrypt it afterwards with an impossible password using GUI if you don't know the terminal commands. /dev/sda is usually your HDD in linux, don't wipe that unless you want too.
I would prefer a GUI if possible. Where is the installer? Do you have a link?
Also, concerning the last command you wrote (Enter in terminal: dd if=/dev/urandom of=/dev/sdb bs=1M and it wipes the drive), if I am using a tails USB, it won't wipe the tails USB as well, will it? The USB is needed to run the OS, which is needed to run the wipe. Wiping the USB performing the wipe sounds like it would generate a black hole to another dimension.
By the way, would you mind breaking down that command for me? I am interested in specifically what it is saying.
Dumb down your answers as much as possible. I have no LINUX experience whatsoever (beyond using tails).
dd is basically "direct device" copy. /dev/urandom is a file that in Linux spits out random numbers when you read from it. "if=" specifies the in file. "of=" specifies the out file. "bs=" is the block size. That will do a single pass, which is probably good enough. By a single pass I mean it will overwrite the disk a single time. DBAN will do it many times. It probably isn't necessary to do it many times, but it depends on who you talk to.
You do understand that what you're talking about doing will destroy the operating system, malware, and everything else on the drives? There will be nothing. No data will survive at all. You will turn the computer on and it will beep angrily and turn back off, every single time, until you install a new operating system for it to load -- I just want to be sure you understand that wiping a hard drive means wiping it totally, not just wiping everything except the operating system. There's no way to do that (nor would you want to do it, as it wouldn't destroy the evidence you seem to want destroyed so badly).
-
I am also not sure how to open a USB through tails. I usually just open TC encrypted USBs on tails, but never a regular, non-encrypted USB. Usually, on Windows, the USB will simply appear on the file system after it is plugged in. This is not the case with tails. How do I find the plugged in USB stick on the file system?
Stick the USB drive in. Go to the desktop. Double click the amnesia's home icon. It will open a file browser. Your USB drive will appear in the column on the left.