-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 10/01/2011 07:25 AM, Bruno Wolff III wrote:
On Fri, Sep 30, 2011 at 21:04:13 -0700,
Linda McLeod <lindavaldeen(a)fastmail.fm> wrote:
> My IP and OS are a vandalism target of mindless childish hellbound kooks
> hellbent on causing me grief to appease their delusions that I'm in any
> ways like them, and that I might somehow want to help them solve their
> useless bullyish lives.. is why I find it best to "DBAN" compromised
> OS's, to make hd's totally clean for new installs...
I think having a DBAN CD is a better idea. Otherwise it would be too
easy for an inexperienced user to wipe their disk by mistake.
DBAN is used when you are going to lose control of the media (because
you are
selling it or throwing it out) to prevent people from recovering your data.
It isn't needed to prevent you from accidentally running code looking at
data left behind after a compromise. A reinstall (including rewriting the
MBR and repartitioning) is good enough.
Also related to this is that hdparm will let you use the secure erase
feature of disk drives that support that feature.
You may not be able to do this if the drive is in the computer when
you boot. It is a "feature" of the BIOS that disables this option at
boot.
Mikkel
- --
Do not meddle in the affairs of dragons,
for thou art crunchy and taste good with Ketchup!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iEYEARECAAYFAk6HlLQACgkQqbQrVW3JyMT3ZQCeKrS2Pzque8d/iZMEUNi9Rzdp
jAoAn1Lq111m1wYW3AQHycrDquoYP85U
=j/js
-----END PGP SIGNATURE-----