/ FEATURE
it further? Another Linux command that we can run from our trusty live CD is:

cat /dev/urandom > /dev/sda

The only difference here is that rather than generating zeros, this device generates random data. Security experts will of course gasp at this blasphemy: the /dev/urandom device isn’t really random in a technical sense, but for our purposes it’s close enough – especially as we’ll zero the disk afterwards. Like the previous command, this one writes data across the entire disk. But unlike the last command, where the drive is zeroed and appears to be “new”, a drive that has been randomised but not zeroed is very obvious. In other words, anyone looking at your disk will know that you erased it, even if they cannot retrieve the information itself.

Disk Utility, a tool available on Mac OS X, supports both the DoD recommendation and Gutmann’s patterns. More details on how Disk Utility works and the patterns it uses can be found on Apple’s official support site here http://support.apple.com/kb/TA24002/.

Most live Linux and Unix CDs come with the shred command these days. This command is very handy and combines most of what we’ve looked at already. For example, running the following command will randomise the disk 19 times followed by a layer of zeros.

shred -vzn 20 /dev/sda

/ Deleting and Erasing

Deleting files removes them as far as the end-user is concerned, and all operating systems provide commands for this purpose. But, because overwriting a large file can take a long time, and most data is not particularly sensitive, deletion just removes the links that point to a file’s data on the disk. There are “undelete” tools that can recover such data, so if you want to make sure no one reads deleted files, you must overwrite them with fresh data or a meaningless pattern. This is known as erasing a file.
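The random pass followed by a zero pass, rehearsed on a scratch image file instead of /dev/sda, with a check that tells the three states of the image apart. This is an added example, not part of the original article; the function names, the constructed 256 KiB image and the 95% gzip threshold are assumptions of the example.

```sh
#!/bin/sh
# Added example: rehearse the random-then-zero overwrite on a scratch image
# file (never a real device) and classify the image after each step.

# size_of FILE: byte count, normalised to a plain integer
size_of() { echo $(( $(wc -c < "$1") )); }

# overwrite FILE SOURCE: fill FILE end to end from SOURCE, keeping its size,
# as "cat SOURCE > /dev/sda" does for a whole disk
overwrite() {
    head -c "$(size_of "$1")" "$2" | dd of="$1" conv=notrunc 2>/dev/null
}

# classify FILE: print zeroed, randomised or data
classify() {
    size=$(size_of "$1")
    # every byte zero: what a completed zero pass leaves behind
    if head -c "$size" /dev/zero | cmp -s - "$1"; then
        echo zeroed
        return
    fi
    # random data does not compress, ordinary files usually do
    # (heuristic; the 95% threshold is an assumption of this example)
    packed=$(( $(gzip -c "$1" | wc -c) ))
    if [ "$packed" -ge $(( size * 95 / 100 )) ]; then
        echo randomised
    else
        echo data
    fi
}

# rehearse: print the state of a constructed 256 KiB image before the wipe,
# after the random pass and after the zero pass
rehearse() {
    img=$(mktemp) || return 1
    # constructed sample data: 8192 records of 32 bytes each
    awk 'BEGIN { for (i = 0; i < 8192; i++) printf "constructed record %012d\n", i }' > "$img"
    before=$(classify "$img")
    overwrite "$img" /dev/urandom
    random=$(classify "$img")
    overwrite "$img" /dev/zero
    zero=$(classify "$img")
    rm -f "$img"
    echo "$before $random $zero"
}

rehearse
```

The middle state is the one the article calls very obvious: incompressible from end to end, which no ordinary file system looks like.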