September 28, 2005

Darik's Boot and Nuke: A great tool for obliterating your data

Author: Lee A. Spain

Do you know what happened to your data when you disposed of your last PC? With identity theft on the rise, it's important to make sure your information is removed before you get rid of that old hard drive. Thanks to the work of developer Darik Horn, there's an excellent tool to wipe data off of a hard disk: Darik's Boot and Nuke (DBAN).

When DBAN is finished with your hard drives, the master boot record, partition table, and every sector of the drive will have been overwritten in accordance with one of five well-regarded industry guidelines. DBAN is powerful stuff and has been used by US federal agencies, such as the Department of Energy's National Nuclear Security Administration (NNSA), to prepare machines for disposal.

In addition to removing personal data, DBAN can also be used to return drives to a pristine state for reuse. DBAN uses Linux to boot up, and can wipe IDE, SATA, XT, and SCSI hard drives. DBAN does not work at all on USB drives, FireWire drives, or hardware RAID devices.

I tried DBAN v.1.0.5 when one of my computers became hopelessly perplexed after multiple installations of various Linux and Windows operating systems. After installing Linspire, SUSE 9.1, and several other distributions, I could not install Linux on my fairly new Celeron D machine with a 40GB hard drive. To make matters worse, I also could not reinstall Windows XP. The XP installer was apparently confused by the presence of a Linux file system. Finally, I resorted to the "nuke" option. I downloaded the DBAN ISO image on another computer, burned it to a CD, and fed it to my malfunctioning PC.

The disk-wiping process is relatively simple. First, I had to go into the BIOS and change the startup options to ensure that it would boot to the CD-ROM drive first. After booting with the DBAN CD, I was presented with a simple text menu with the available options. The menu offers five options -- learn more about DBAN, get a list of quick commands, see troubleshooting tips, start DBAN in interactive mode, or start DBAN in automatic ("autonuke") mode.

My only difficulty was in navigating to an option to read about DBAN and then navigating back to the main menu. DBAN doesn't give you a chance to go back to the main menu once you've chosen one of the menu options. The only choice is to proceed to the next operation, or reboot the machine to start at the main menu.

Figure: The DBAN main menu

Once I was done reading, DBAN gave me the choice of six drive wiping routines. The fastest choice, Quick Erase, simply fills the hard drive with zeroes in one pass. Since technicians with the right equipment could conceivably still recover data from this type of wipe, DBAN rates it as a low-security option.

The second choice, RCMP TSSIT OPS-II, uses the techniques recommended by the Royal Canadian Mounted Police Technical Security Standards for Information Technology in Appendix Ops-II: Media Sanitation. It is rated as a medium-security technique because DBAN makes eight drive-wiping passes with a random byte in the overwrite sequence changed each time. Apparently, the Mounties prefer this to letting horses stomp on hard drives.

The third choice, DoD Short, is based on the American Department of Defense Standard 5220-22.M. It is also rated as a medium-security option because it makes three of the seven passes recommended under the standard.

The fourth option, DoD 5220-22.M, is a stronger medium-security option because it makes the recommended seven passes across each hard drive.

For the fifth option, DBAN offers the Gutmann Wipe as a high-security option. It makes 35 passes across the hard drive as outlined in security expert Peter Gutmann's 1996 paper "The Secure Deletion of Data from Magnetic and Solid-State Memory." However, due to changes in the data encoding schemes now used by modern hard drives, Gutmann no longer recommends 35 passes. A few random passes should suffice.

Finally, DBAN offers the PRNG Stream option. This method overwrites the drive with a stream from the Pseudo Random Number Generator (PRNG). With the PRNG Stream, DBAN users can choose a medium-security option of four passes or a high-security option of eight passes.

For my test, I chose the DoD Short method. DBAN made three passes on my hard drive in an hour and nine minutes.

DBAN is not for the impulsive. If you don't have a government lab, an electron microscope, a dedicated team of computer forensics specialists, and a huge amount of time and money, you will not recover your data after DBAN has wiped your hard drive. Obviously, before you get started, you should back up important data. If you plan to use the computer again, you should have an operating system at hand, and find any driver and application installation disks that you'll need. You'll also want to make sure that your system can boot to something other than your hard drive.

DBAN is also not for the impatient. It can take a long time to write over every sector of your hard drive multiple times. Some users report that DBAN took up to 24 hours to erase their data using the most rigorous methods. While DBAN is constantly improving, if the Linux community does not have a good driver for a particular hard drive, you can expect slow performance. However, if your machine runs Linux well, you probably won't have problems with DBAN.

Overall, I found DBAN to be a great "nuke" option. However, there are a few other open source tools for wiping hard drives. A disk wiping utility called Autoclave performs the same function as DBAN. However, as of last March, it is no longer supported by its developer; he now recommends DBAN instead as a superior tool for wiping disks.

For Windows users, Heidi Computers Ltd. offers a free open source tool called Eraser. It has a utility for creating a DBAN boot CD for drive wiping, but also runs as a desktop application that offers the ability to securely wipe only specified folders and files. Heidi Computers also hosts a DBAN support forum.

For Linux, a secure file wiping utility called Wipe is also available. There are also a variety of Linux command-line incantations that can be used to fill a hard drive with zeroes or nulls.
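As an added example (not from the article and not DBAN's own code), here is the kind of one-pass zero fill described for Quick Erase and for the command-line approach, followed by a read-back check that the overwrite actually covered every byte. It runs against a regular file standing in for a drive and refuses anything else; the function names and the sample record are constructed for illustration.

```shell
#!/bin/sh
# Zero-fill an image in place, then verify by reading it back.
# Works on regular files only, so the demo cannot touch a real device.

# Print the size of a regular file in bytes; fail for anything else.
target_size() {
    [ -f "$1" ] || return 1
    wc -c < "$1" | tr -d ' '
}

# Count bytes that are not 0x00 (what a one-pass zero wipe should leave at 0).
nonzero_bytes() {
    LC_ALL=C tr -d '\000' < "$1" | wc -c | tr -d ' '
}

# Overwrite every byte with zeros; conv=notrunc keeps the original size.
zero_fill() {
    size=$(target_size "$1") || { echo "refusing: $1 is not a regular file" >&2; return 1; }
    head -c "$size" /dev/zero | dd of="$1" bs=64k conv=notrunc 2>/dev/null && sync
}

# Exit 0 only if the whole image compares equal to a same-length zero stream.
verify_zero() {
    size=$(target_size "$1") || return 2
    head -c "$size" /dev/zero | cmp -s - "$1"
}

demo() {
    img=$(mktemp) || return 1
    # Constructed "drive": 256 KiB of zeros with a fake record in the middle.
    head -c 262144 /dev/zero > "$img"
    printf 'name=Jane Example;acct=0000-CONSTRUCTED' |
        dd of="$img" bs=1 seek=100000 conv=notrunc 2>/dev/null
    echo "before wipe: $(nonzero_bytes "$img") non-zero bytes"
    if zero_fill "$img" && verify_zero "$img"; then
        echo "after wipe: verified, $(nonzero_bytes "$img") non-zero bytes"
    else
        echo "after wipe: verification FAILED" >&2
    fi
    rm -f "$img"
}

demo
```

The read-back step is the part worth keeping in any disposal procedure: a wipe that was interrupted or that skipped a region shows up as a non-zero count rather than being assumed complete.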

For my needs, DBAN did the trick. Once DBAN was finished with my hard drive, I had a nice clean landing pad for the Linux distribution of my choice.