<html dir="ltr"><head></head><body style="text-align:left; direction:ltr;"><div>I like to write clear text red herring files onto a LUKS encrypted drive to be disposed of. So delete the LUKS header, overwrite it with /dev/random. Reformat the drive as fat32 then add:</div><div><br></div><div>Files named "bank_codes" and then filled with random generated account numbers and passwords.</div><div>Files named "my passwords" and filled with random usernames, accounts, and passwords"</div><div>Files named "my new access list" filled with real usernames gleaned from facebook, google, etc. but random passwords</div><div><br></div><div>This works real well on a fresh install win10 with no password on the default user account. Keeps the schmucks busy testing :-)</div><div><br></div><div>On Thu, 2019-04-11 at 09:51 -0400, DJ-Pfulio via Ale wrote:</div><blockquote type="cite" style="margin:0 0 0 .8ex; border-left:2px #729fcf solid;padding-left:1ex"><pre>Or just use strong encryption on the data to begin with (non-trivial passphrases</pre><pre>or better, keys to unlock), then remove the headers.</pre><pre><br></pre><pre>And if you like, run ddrescue --force /dev/urandom /dev/sdZZZZZZZZZ for a few</pre><pre>hours or until it is full.</pre><pre><br></pre><pre>Using LUKS means never worrying about sending drives in for warranty replacement.</pre><pre><br></pre><pre>But shooting them is fun too.</pre><pre><br></pre><pre>If you are a large enterprise or DoD, what we think doesn't matter. They will</pre><pre>have policies.</pre><pre><br></pre><pre>For a medium-small biz or home outside DoD entanglements, the above works better</pre><pre>than what 99.9999% of your competition is doing.</pre><pre><br></pre><pre><br></pre><pre>On 4/10/19 8:30 PM, Steve Litt via Ale wrote:</pre><blockquote type="cite" style="margin:0 0 0 .8ex; border-left:2px #729fcf solid;padding-left:1ex"><pre>I think opinions vary on the effectiveness of DBAN, but nobody I've</pre><pre>ever met disputed that once all platters are reduced to pieces no more</pre><pre>than 1 inch square, the cost of recovery precludes anyone but a state</pre><pre>actor who has prioritized the daylights out of your data. To easily</pre><pre>be even more cautious, you could easily dispose of platter shards in</pre><pre>different places and different time periods.</pre><pre><br></pre><pre>DBAN and its category brethren strike me as things that work</pre><pre>wonderfully if used correctly, but I make mistakes. And what if the</pre><pre>drive was intermittent when DBANized?</pre><pre><br></pre><pre>And what if you accidentally DBANize the wrong drive?</pre><pre><br></pre><pre>And then there's this: What's the advantage of DBAN over a hammer?</pre><pre><br></pre><pre>SteveT</pre><pre><br></pre><pre><br></pre><pre><br></pre><pre>On Wed, 10 Apr 2019 15:18:55 -0400</pre><pre>Pete Hardie <</pre><a href="mailto:pete.hardie@gmail.com"><pre>pete.hardie@gmail.com</pre></a><pre>> wrote:</pre><pre><br></pre><blockquote type="cite" style="margin:0 0 0 .8ex; border-left:2px #729fcf solid;padding-left:1ex"><pre>But for working drives, does that substantially differ from running</pre><pre>DBAN?</pre><pre><br></pre><pre>Non-working drives do require a hammer</pre><pre><br></pre><pre>On Wed, Apr 10, 2019, 15:05 Steve Litt via Ale <</pre><a href="mailto:ale@ale.org"><pre>ale@ale.org</pre></a><pre>> wrote:</pre><pre><br></pre><blockquote type="cite" style="margin:0 0 0 .8ex; border-left:2px #729fcf solid;padding-left:1ex"><pre>As a corollary, how much would it damage your life if somebody</pre><pre>recovered your username, password, and positions for your investment</pre><pre>firm?</pre><pre><br></pre><pre>Fifteen minutes of hammering and you haven't a care in the world.</pre><pre><br></pre><pre>SteveT</pre><pre><br></pre><pre><br></pre><pre>On Sun, 31 Mar 2019 15:27:35 -0400</pre><pre>Pete Hardie via Ale <</pre><a href="mailto:ale@ale.org"><pre>ale@ale.org</pre></a><pre>> wrote:</pre><pre> </pre><blockquote type="cite" style="margin:0 0 0 .8ex; border-left:2px #729fcf solid;padding-left:1ex"><pre>How much effort do you expect the men in black to expend to</pre><pre>recover the data on them?</pre><pre><br></pre><pre>On Sun, Mar 31, 2019, 14:48 Geoffrey Myers via Ale <</pre><a href="mailto:ale@ale.org"><pre>ale@ale.org</pre></a><pre>></pre><pre>wrote:</pre><pre> </pre><blockquote type="cite" style="margin:0 0 0 .8ex; border-left:2px #729fcf solid;padding-left:1ex"><pre>So, I’m cleaning up the basement. Got a stack of old drivers</pre><pre>I’m working to erase. Many of which are, not surprisingly</pre><pre>inaccessible. Google says simply remove the platters and hammer</pre><pre>them into shards.</pre><pre><br></pre><pre>Thoughts?</pre></blockquote></blockquote></blockquote></blockquote></blockquote><pre>_______________________________________________</pre><pre>Ale mailing list</pre><a href="mailto:Ale@ale.org"><pre>Ale@ale.org</pre></a><pre><br></pre><a href="https://mail.ale.org/mailman/listinfo/ale"><pre>https://mail.ale.org/mailman/listinfo/ale</pre></a><pre><br></pre><pre>See JOBS, ANNOUNCE and SCHOOLS lists at</pre><a href="http://mail.ale.org/mailman/listinfo"><pre>http://mail.ale.org/mailman/listinfo</pre></a><pre><br></pre></blockquote><div><span><pre><pre>-- <br></pre>James P. Kinney III
Every time you stop a school, you will have to build a jail. What you
gain at one end you lose at the other. It's like feeding a dog on his
own tail. It won't fatten the dog.
- Speech 11/23/1900 Mark Twain
http://heretothereideas.blogspot.com/
</pre></span></div></body></html>