Destructive Windows Script

Re: Destructive Windows Script

On 6 Jun 2005 07:04:26 -0700, "Michele Simionato"
<michele.simion ato@gmail.com> declaimed the following in
comp.lang.pytho n:
[color=blue]
> The problem is that Google gives me too many non-relevant hits.
>
> I just would like something like this:
>
> $ rm what-I-think-is-an-useless-file
>
> ACK! It was not that useless!!
>
> $ recover what-I-think-is-an-useless-file
>[/color]
Highly unlikely... Most OSs implement a file "delete" by wiping
out the part of the directory structure that contained the file name...
Though I've never figured out how FAT handles directories...

If you haven't written to the drive since the delete, the
various tools will allow you to locate chains of data blocks that had
been associated with one or more files. You then determine which
chain(s) belong(s) to the file in question, and recreate a directory
entry for it.

On an old Amiga, this would be child's play -- The Amiga stored
file names in "file header blocks"; directory blocks only had pointers
to the header, accessed by a hash of name. The rest of the file system
was all multiple-head, linked-list, chains (root directory block points
to file-header/subdirectory blocks, file-header points to data blocks
and next "file header" for overflow data blocks, hash collisions handled
by chaining all colliding names into a list, etc...)

--[color=blue]
> =============== =============== =============== =============== == <
> wlfraed@ix.netc om.com | Wulfraed Dennis Lee Bieber KD6MOG <
> wulfraed@dm.net | Bestiaria Support Staff <
> =============== =============== =============== =============== == <
> Home Page: <http://www.dm.net/~wulfraed/> <
> Overflow Page: <http://wlfraed.home.ne tcom.com/> <[/color]

Re: Destructive Windows Script


"Dennis Lee Bieber" <wlfraed@ix.net com.com> wrote in message
news:ioh7a1liqm 1qpu0a1l0qmmb7n 3gqehtl26@4ax.c om...[color=blue]
> My previous facility didn't even accept mil-spec wipes -- all
> disk drives leaving the facility had to go through a demagnitizer,[/color]

OT but I am curious: does a metallic case act as a metallic shield, so that
the case needs to be opened to do this? (Conversely, is a magnet near a
disk drive a danger to it?)
[color=blue]
> wiped everything, including control tracks, and played <bleep> with the
> R/W head and positioning magnets.[/color]

I take this to mean the the drive is non-functional and might have well
been melted, except that demagnetising is cheaper.

TJR

Re: Destructive Windows Script

On 2005-06-06, Terry Reedy <tjreedy@udel.e du> wrote:
[color=blue]
> OT but I am curious: does a metallic case act as a metallic shield,[/color]

It depends on the metal and the case thickness. Thin
sheet-aluminum provides virtually no magnetic shielding. Some
good thick iron plate will provide shielding.
[color=blue]
> so that the case needs to be opened to do this?[/color]

No.
[color=blue]
> (Conversely, is a magnet near a disk drive a danger to it?)[/color]

Yes, if it's strong enough.
[color=blue][color=green]
>> wiped everything, including control tracks, and played <bleep>
>> with the R/W head and positioning magnets.[/color]
>
> I take this to mean the the drive is non-functional and might
> have well been melted, except that demagnetising is cheaper.[/color]

Yup.

--
Grant Edwards grante Yow! Why are these
at athletic shoe salesmen
visi.com following me??

Re: Destructive Windows Script

Terry Reedy wrote:[color=blue]
> "Dennis Lee Bieber" <wlfraed@ix.net com.com> wrote in message
> news:ioh7a1liqm 1qpu0a1l0qmmb7n 3gqehtl26@4ax.c om...
>[color=green]
>>My previous facility didn't even accept mil-spec wipes -- all
>>disk drives leaving the facility had to go through a demagnitizer,[/color]
>
>
> OT but I am curious: does a metallic case act as a metallic shield, so that
> the case needs to be opened to do this? (Conversely, is a magnet near a
> disk drive a danger to it?)[/color]

Absolutely. Small HDD's (like laptops) are especially vulnerable to
magnetic force.

Re: Destructive Windows Script

"Terry Reedy" <tjreedy@udel.e du> writes:[color=blue]
> On *nix, one could open '/dev/rawdisk' (actual name depends on the *nix
> build) and write a tracks worth of garbage for as many tracks as there are.
> I don't how to programmaticly get the track size and number (if there is a
> standard way at all).[/color]

Modern Unix systems assume drives don't care much about geometry, what
with sector forwarding and variable track lengths and the like.

Just open the raw disk device (assuming your Unix has such), and start
writing data to it. Keep going until the write fails at the end of the
media.

<mike
--
Mike Meyer <mwm@mired.or g> http://www.mired.org/home/mwm/
Independent WWW/Perforce/FreeBSD/Unix consultant, email for more information.

Re: Destructive Windows Script

Mike Meyer wrote:[color=blue]
> "Terry Reedy" <tjreedy@udel.e du> writes:
>[color=green]
>>On *nix, one could open '/dev/rawdisk' (actual name depends on the *nix
>>build) and write a tracks worth of garbage for as many tracks as there are.
>>I don't how to programmaticly get the track size and number (if there is a
>>standard way at all).[/color]
>
>
> Modern Unix systems assume drives don't care much about geometry, what
> with sector forwarding and variable track lengths and the like.
>
> Just open the raw disk device (assuming your Unix has such), and start
> writing data to it. Keep going until the write fails at the end of the
> media.
>
> <mike[/color]

Wouldn't /dev/urandom or /dev/random on Linux systems work better? It's
the kernel's built in random number generator. It'd fill the drive with
random bits of data. You could loop it too... in fact, I think many of
the pre-packaged *wipe* programs are mini Linux distros that do just this.

dd if=/dev/random of=/dev/your_hard_drive

Re: Destructive Windows Script

On 2005-06-06, rbt <rbt@athop1.ath .vt.edu> wrote:
[color=blue][color=green]
>> Just open the raw disk device (assuming your Unix has such),
>> and start writing data to it. Keep going until the write fails
>> at the end of the media.[/color]
>
> Wouldn't /dev/urandom or /dev/random on Linux systems work
> better?[/color]

Maybe. Last time I found an article on the subject (should
have kept a copy), it suggested certain patterns for the
initial passes, and then random data for the last passes.

The data is converted into one of several RLL encodings (which
encoding depends on the drive). The optimal erase patterns
depended on the encoding used, so you have to use a several
different patterns to cover all the bases.

Googling for "secure disk erase pattern rll encoding"...

Here's a good but somewhat old paper:



and here's a newer one that deals more with secure deletion of
individual files:



and finally the US Navy's take on the issue:


[color=blue]
> It's the kernel's built in random number generator. It'd fill
> the drive with random bits of data.[/color]

The "really random" device will block when it runs out of
entropy. It will probably take the kernel a _long_ time to
generate a disk's worth of random data. The pseudo-random
device won't block, but the results aren't quite as secure.
[color=blue]
> You could loop it too... in fact, I think many of the
> pre-packaged *wipe* programs are mini Linux distros that do
> just this.
>
> dd if=/dev/random of=/dev/your_hard_drive[/color]


--
Grant Edwards grante Yow! I always liked FLAG
at DAY!!
visi.com

Re: Destructive Windows Script

rbt <rbt@athop1.ath .vt.edu> writes:
[color=blue]
> Mike Meyer wrote:[color=green]
>> "Terry Reedy" <tjreedy@udel.e du> writes:
>>[color=darkred]
>>> On *nix, one could open '/dev/rawdisk' (actual name depends on the
>>> *nix build) and write a tracks worth of garbage for as many tracks
>>> as there are. I don't how to programmaticly get the track size and
>>> number (if there is a standard way at all).[/color]
>> Modern Unix systems assume drives don't care much about geometry,
>> what
>> with sector forwarding and variable track lengths and the like.
>> Just open the raw disk device (assuming your Unix has such), and
>> start
>> writing data to it. Keep going until the write fails at the end of the
>> media.
>> <mike[/color]
>
> Wouldn't /dev/urandom or /dev/random on Linux systems work better?[/color]

Well, that would certainly make a good source for the data you write.
[color=blue]
> It's the kernel's built in random number generator. It'd fill the
> drive with random bits of data. You could loop it too... in fact, I
> think many of the pre-packaged *wipe* programs are mini Linux distros
> that do just this.
>
> dd if=/dev/random of=/dev/your_hard_drive[/color]

That works. You may want to set a block size for performance reasons.

<mike
--
Mike Meyer <mwm@mired.or g> http://www.mired.org/home/mwm/
Independent WWW/Perforce/FreeBSD/Unix consultant, email for more information.

Re: Destructive Windows Script

On Mon, 6 Jun 2005 15:20:33 -0400, "Terry Reedy" <tjreedy@udel.e du>
declaimed the following in comp.lang.pytho n:
[color=blue]
>
> OT but I am curious: does a metallic case act as a metallic shield, so that
> the case needs to be opened to do this? (Conversely, is a magnet near a
> disk drive a danger to it?)
>[/color]
Most disk drive cases look to be a non-ferrous alloy, no block
to a drive... And yes, sticking a magnet on the side of the computer
near the a drive could be a threat <G>[color=blue]
>
> I take this to mean the the drive is non-functional and might have well
> been melted, except that demagnetising is cheaper.
>[/color]
Correct.

--[color=blue]
> =============== =============== =============== =============== == <
> wlfraed@ix.netc om.com | Wulfraed Dennis Lee Bieber KD6MOG <
> wulfraed@dm.net | Bestiaria Support Staff <
> =============== =============== =============== =============== == <
> Home Page: <http://www.dm.net/~wulfraed/> <
> Overflow Page: <http://wlfraed.home.ne tcom.com/> <[/color]

Re: Destructive Windows Script

On Mon, 06 Jun 2005 15:48:48 GMT, Dennis Lee Bieber
<wlfraed@ix.net com.com> declaimed the following in comp.lang.pytho n:

[color=blue]
> On an old Amiga, this would be child's play -- The Amiga stored
> file names in "file header blocks"; directory blocks only had pointers[/color]

I should clarify: deletion unlinked the file header from the
directory chain and marked the sectors as free in the disk bitmap, but
did not modify the file name stored in the file header. So a simple disk
sector browser could be used to locate file headers, then relink them to
a directory and mark the data sectors in use...

Originally, data sectors used some space to hold pointers back
to file headers, and to next data sector... Made it easy to recover
since almost any disk block could be used to locate the header, then
chain all the data back... Overhead was getting only 488 data bytes per
sector.


--[color=blue]
> =============== =============== =============== =============== == <
> wlfraed@ix.netc om.com | Wulfraed Dennis Lee Bieber KD6MOG <
> wulfraed@dm.net | Bestiaria Support Staff <
> =============== =============== =============== =============== == <
> Home Page: <http://www.dm.net/~wulfraed/> <
> Overflow Page: <http://wlfraed.home.ne tcom.com/> <[/color]

Re: reg php.ini equivalent file in python

I think it depends on your os variables

Re: Destructive Windows Script

rbt wrote:[color=blue]
> data = ['0', 'a', '1', 'b', '2', 'c',\
> '3', 'd', '4', 'e', '5', 'f',\
> '6', 'g', '7', 'h', '8', 'i',\
> '9', 'j', '~', '!', '@', '#',\
> '$', '%', '^', '&', '*', ';']
>[/color]

Note that the backslashes are redundant between pairs
of [ ], ( ) or { }. Just write:

data = ['0', 'a', '1', 'b', '2', 'c',
'3', 'd', '4', 'e', '5', 'f',
'6', 'g', '7', 'h', '8', 'i',
'9', 'j', '~', '!', '@', '#',
'$', '%', '^', '&', '*', ';']


(Not that it solves your disk wiping issue.)

Re: Destructive Windows Script

Magnus Lycka <lycka@carmen.s e> wrote:
[color=blue]
>rbt wrote:[color=green]
>> data = ['0', 'a', '1', 'b', '2', 'c',\
>> '3', 'd', '4', 'e', '5', 'f',\
>> '6', 'g', '7', 'h', '8', 'i',\
>> '9', 'j', '~', '!', '@', '#',\
>> '$', '%', '^', '&', '*', ';']
>>[/color]
>
>Note that the backslashes are redundant between pairs
>of [ ], ( ) or { }. Just write:
>
> data = ['0', 'a', '1', 'b', '2', 'c',
> '3', 'd', '4', 'e', '5', 'f',
> '6', 'g', '7', 'h', '8', 'i',
> '9', 'j', '~', '!', '@', '#',
> '$', '%', '^', '&', '*', ';']
>
>
>(Not that it solves your disk wiping issue.)[/color]

This is a lot easier to type:

data = list("0a1b2c3d4 e5f6g7h8i9j~!@# $%^&*;")
--
- Tim Roberts, timr@probo.com
Providenza & Boekelheide, Inc.

Re: Destructive Windows Script

Grant Edwards <grante@visi.co m> writes:
[color=blue][color=green]
> > I take this to mean the the drive is non-functional and might
> > have well been melted, except that demagnetising is cheaper.[/color]
>
> Yup.[/color]

In a frequently cited scary paper (on the web &c.), Peter Gutmann claims
claims that's not true in practise, IIRC:




Go for the thermite reaction instead!-) (please don't try that at home, kids)


John